Azure web app security: How to allow connections only from a whitelisted domains RRS feed

  • Question

  • I have one Azure webApp, I need to provide some security to that web app. I have below requirement.

    1. Web app should not accept connection from all the domains. (It should have a list of domains from where it will accept connections)
    2. If a new domain got added to whitelist domain, then my app will allow request from that new domain without restart or reconfigure.

    Is there a way to configure at Azure level to allow requests from specific domains.

    Thanks, Abhi

    Wednesday, December 2, 2015 12:47 PM


  • Hi Abhi,

    This forum is for developer discussing developing issues about Office add-ins.

    Ordinarily, all the webpages that run in a web browser must follow the same-origin policy enforced by the browser: by default, a webpage in one domain can't make XmlHttpRequest web service calls to another domain other than the one where it is hosted.

    And you can get more detail about this topic in Office add-ins from link below:
    Addressing same-origin policy limitations in Office Add-ins

    There is no need to addition settings for limit the cross domain request. If we want to enable the cross domain request on some specific domain, we can use JSONP, CORS and server side solution etc.

    If you have problem about cross domain when you developing a ASP.Net web application, I suggest that you reopen a new thread in ASP.Net forum.

    And if you have problem about Azure, you can ask help from link below:

    Microsoft Azure

    Please feel free if you have any problem about Office add-ins.

    Regards & Fei

    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Thursday, December 3, 2015 3:21 AM