I have an API built through Azure Functions that works when called through JavaScript in all browsers except for Safari. From another question, it appears I need to allow a header of "Origin" in the CORS configuration. The only configuration I see in the Azure portal is allowing origins. How do I configure allowed headers?
If it matters, this is developed and published through VS2017 Azure function tools.
How do I configure allowed headers?
It seems that we also could do that with Azure portal. More details info please refer to the screenshot.
To allow all, use "*" and remove all other origins from the list. Slashes are not allowed as part of domain or after TLD.
Allowed headers are not configurable within Azure Functions as it allows all.
Related
I have an Azure webapp and normally if I want to block an IP address, I go to Azure dashboard panel and under networking>Configure Access Restrictions, I add a rule to do so. This picture shows which menu item I mean:
However, I would like to do this programmatically. I see that the documentation shows how you can do this through Powershell.
I have also managed to find the API documentation for WebApp. But I can't find the last piece of the puzzle which is the API that does what I need.
Can someone please tell me if it is possible and which API I should use? Thank you in advance.
According to the doc: Use an Azure REST API PUT operation on the app configuration in Azure Resource Manager. The location for this information in Azure Resource Manager is:
management.azure.com/subscriptions/subscription ID/resourceGroups/resource groups/providers/Microsoft.Web/sites/web app name/config/web?api-version=2020-06-01
Then I searched the Azure Rest API and found this:
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/sites/{name}/config/web?api-version=2019-08-01
We could update the field properties.ipSecurityRestrictions to update the value of Access Restrictions.
In addition, you could also check this blog: Bulk add IP Access Restrictions to Azure App Service using Az PowerShell
There does not appear to be a one-to-one match between powershell commands and api.
The closest I could find is:
https://learn.microsoft.com/en-us/rest/api/appservice/webapps/putprivateaccessvnet
This allows you to define which vnet has access to your web app. By controlling access to your vnet, you can control access to your app.
I am attempting to secure files in one folder on Verizon Premium CDN using token authentication. I have followed the docs here.
I have successfully installed the PHP module that encrypts requests and it is working correctly in my application, tested against the encrypt/decrypt tool in the Azure Portal.
I have set up a rule in the rules engine on the CDN endpoint, but when I access the files directly on the CDN endpoint they are not locked or secured and do not require any token key to load them. I am not sure if I have missed something, or if my Rules Engine rule is wrong. My custom rule in the rules engine is set up with this logic:
If 'URL Path Directory' 'matches' '/assets/v1/' then 'enable' 'Token Authentication', 'ignore case', relative to 'root' (the other option rather than root would be 'origin').
Have I got the path wrong? Am I missing some regular expression detail?
The only similar questions here on SO have not successfully dealt with this question and have just talked about privacy options on blobs/containers etc. I originally tried all the same setup on an Azure Storage using a container and blobs but these did not get secured in any way either. I have now set it up to get the files from the web application web site instead. I am quite happy to set it up whichever way works best.
We're hosting our application on Azure and need to add a sub domain in the custom hostname section. We need to do this dynamically so needs to be done at run time.
I've tried using the Azure management rest API but can't seem to find the app when making any call.
Whats the best way to add a custom header to an app service with out using the Azure portal?
Thanks in advance.
You could place an API Management in front of you app and use the "Set HTTP header" transformation policy to add a custom header to the request:
Assigns a value to an existing response and/or request header or adds
a new response and/or request header
Going through the API docs they had a call that did what we needed.
https://learn.microsoft.com/en-us/rest/api/appservice/webapps/createorupdatehostnamebinding
So in my API, I have a few secret endpoints hidden from the documentation. This is achieved nicely using the attribute IgnoreAPI. The endpoints aren't dangerous, but I just don't want them advertised to end users.
However, I'm now starting to use Azure API Management, in which you easily configure APIs using Swagger. IgnoreAPI stops the endpoint from going in the Swagger document, and thus, stops the auto-set up from discovering IgnoreAPI attributed endpoints.
Is there a standard way of making certain endpoints invisible on Azure API Management WITHOUT using ignoreAPI? Or is there a way to force in IgnoreAPI endpoints and hide them in the Developer Portal?
One option would be to create the "hidden" operations in a separate API that is attached to a hidden product. Currently there isn't a way to identify specific operations as hidden.
I'm still open to suggestions, but this is the best solution I found:
If you go into the Developer Portal Template Editor, you can edit the markup for the template that shows the list of endpoints. I made a blacklist that will skip my hidden endpoints. It works across all APIs too!
I have an Azure Function app running on dynamic pricing and am trying to set up a custom domain.
I have added and verified the domain and setup the CNAME record accordingly. The custom domain shows up correctly as the "URL" when I view the App Service settings in the Azure portal. If I try to use this domain, however (to access an HTTP trigger function), I am returned with "Error 404 - Web app not found."
When I look at the Function URL in the portal, it still shows the x.azurewebsites.net domain, not the custom domain I have added. Is there anything additional I need to do to get Functions working with a custom domain?
Copying from my answer on MSDN forum:
Indeed, custom domains are not yet supported for Dynamic Function plans. This support will come a bit later (no clear ETA to share at this point).
Thanks to #David Ebbo I figured out how to do this for a Function App running in a consumption plan (e.g. Y1). Here is the MSFT docs article:
https://learn.microsoft.com/en-us/azure/app-service/scripts/cli-configure-custom-domain
It seems that it cannot currently be done via the Azure Portal GUI and instead you must use Azure CLI to run the commands. It's easy to do directly from that article page using the "Try It" link to the embedded azCLI.