Access-Control-Allow-Origin to allow Multiple Origin Domains/ Subdomain using Traefik - header

Is there a way to allow multiple cross-domains using the Access-Control-Allow-Origin header using Traefik?
I'm aware of the *, but it is wildcard. I really want to allow just a couple domains.
As an example, something like this:
traefik.http.middlewares.pa.headers.customresponseheaders.Access-Control-Allow-Origin: 'http://domain1.example, http://domain2.example'
Is it possible to specify multiple domains/subdomains or am I stuck with just one?
The purpose of using this is for cookie based operations, where ui is hosted in abc.example.com, where credentials are set to include. In traefix the settings are with below configurations, hosted at xyz.example.com
traefik.http.middlewares.pa.headers.customresponseheaders.Access-Control-Allow-Headers: 'content-type,realm'
traefik.http.middlewares.pa.headers.customresponseheaders.Access-Control-Allow-Methods: 'GET,POST,PUT,PATCH,DELETE,OPTIONS'
traefik.http.middlewares.pa.headers.customresponseheaders.Access-Control-Allow-Credentials: 'true'
traefik.http.middlewares.pa.headers.customresponseheaders.Access-Control-Allow-Origin: 'http://abc.example.com'
But i have many UIs like efg.example.com and pqr.example.com.
Any help is much appreciated.

No currently I suppose.
Issue reported
Corresponding PR

Related

Can we use a different subdomain than 'stun'/'turn' for a STUN / TURN Server?

All the documentation / tutorials for setting up a STUN / TURN server suggest that we need to create two subdomains namely:
stun.yourdomain.com
turn.yourdomain.com
And then these can be accessed as:
stun:stun.yourdomain.com:5349
turn:turn.yourdomain.com:3478
Is it possible to register subdomains with different names than "stun" and "turn" ?
Has anyone tried / created subdomains as:
stun:somothername.yourdomain.com:5349 ?
Is there any official documentation / reference that can be used to understand this in more detail?
Thanks in advance!
If I understand RFC 5389 correctly, there is no requirement to use specific domain names, on the contrary:
Hard-coding the domain name of the server into software is
NOT RECOMMENDED in case the domain name is lost or needs to change
for legal or other reasons.
(from section 9)
As long as you follow the advice in that section for DNS Discovery, you should be able to use any domain/host name you like.

Can we set any number of Redirect URI in a application for multiple users?

I am working on a multitenant application where we will have multiple base urls based on our customers.
Here I have a requirement to set Redirect URI for each customers. My confusion is can we set any number of uri in an application? Or Is there any limitation or maximum limit of creating the uri?
This application is created as microservice.
Not sure if I get your question right, maybe an example would be beneficial.
In general, you can use path parameters to make an URI customer-specific, e.g. /pre-path/customer/{customerId}/redirect. This is basically one path, but customerId is used as parameter to distinguish multiple users and can have "infinite" different values.

Pass multiple domains to restrict - in "hd" parameter in Google OAuth

I'm using Google OAuth for account linking.
I'm setting hd parameter to restrict particular domains (Ref), and it's working fine.
but my question is can I restrict more than one domains?
like currently I'm setting hd as
"hd": "jaypatel.co.in"
But what if I want to allow two or three domains instead of just
jaypatel.co.in? is there any way to do that?
I know that I arrive a bit late but I tried to pass different domains as an Array
hd: ['mydomain1.com', 'mydomain2.com']
and it seems to be the behavior you looked for.

Pass data such as username in hostname

I have seen some sites use hostnames as data such as usernames (for example username.example.com) and was wondering how you would be able to achieve this.
Is it good practice to use hostnames like this or are there reasons against it?
Thanks in advance.
It is generally bad practice to treat hostnames this way. Lookups become a bit more complicated and it is always safest to use usernames in the path or query.
Hostnames are designed to be thought of in a global sense. For instance user.example.com/username/profile
It also helps protect the user (a little) because paths can be encoded into the http request where a subdomain request essentially requests user.example.com and that request can be redirected multiple times before returning to the client and dns monitoring is the number one way that people do tracking.
DNS tracking is easy because its already fast, open, and the contents aren't designed to be hidden like https or more recent ipsec techniques.
I've accomplished this by setting up a DNS wildcard with your DNS host (*.example.com) then using PHP to parse out the username in the URL and act accordingly.

Planning url rewrite for my web app

I'm working on a site which shows different products for different countries. The current url scheme I'm using is "index.php?country=US" for the main page, and "product.php?country=US&id=1234" to show a product from an specific country.
I'm planning now to implement url rewrite to use cleaner urls. The idea would be using each country as subdomain, and product id as a page. Something like this:
us.example.com/1234 -> product.php?country=US&id=1234
I have full control of my dns records and web server, and currently have set a * A record to point to my IP in order to receive *.example.com requests. This seems to work ok.
Now my question is what other things I'd need to take care of. Is it right to assume that just adding a .htaccess would be enough to handle all requests? Do I need to add VirtualHost to each subdomain I use as well? Would anything else be needed or avoided as well?
I'm basically trying to figure out what the simplest and correct way of designing this would be best.
The data you need to process the country is already in the request URL (from the hostname). Moving this to a GET variable introduces additional complications (how do you deal with POSTs).
You don't need seperate vhosts unless the domains have different SSL certs.