A hub and casual space for you to interact with fellow community members and learn more about Umbraco!

Umbraco

I have got UmBootstrap working as a Content Delivery API in an Azure Web App and the same page using the JSON in a static HTMX site.
However, to do so I have had to allow an origin in Azure.
How can I protect that origin so that only my static site can access the API?

https://docs.umbraco.com/umbraco-cms/reference/routing/custom-middleware#configuring-the-cross-origin-resource-sharing-cors-middleware

https://codeshare.co.uk/blog/how-to-set-up-a-cors-policy-in-umbraco-12/

Should also be able to use dataAttributes for more granular control once cors is added.
https://learn.microsoft.com/en-us/aspnet/core/security/cors?view=aspnetcore-8.0#enable-cors-with-attributes

Second article is very handy thanks <@887616572066263040>