Middleware CORS - how can I add more than one origin

Rohit_Nz · April 13, 2025, 7:14am

I want to start locking down things. There is a field Origin in the CORS middleware of Sparkle. How can I add more than one origin.

wlandgraf · May 5, 2025, 5:59pm

There is no such option in CORS middleware itself (only one origin is allowed for now). But you can easily accomplish it using a generic middleware:

procedure TForm3.XDataServer1GenericRequest(Sender: TObject;
  Context: THttpServerContext; Next: THttpServerProc);
var
  Origin: string;
begin
  Origin := Context.Request.Uri.Host;
  if IsValidOrigin(Origin) then // you should create your own IsValidOrigin 
    Context.Response.Headers.SetValue('Access-Control-Allow-Origin', Origin)
  else
    Context.Response.Headers.Remove('Access-Control-Allow-Origin');
  Next(Context);
end;

Topic		Replies	Views
CORS for multiple domains BIZ Feature Requests sparkle	2	217	August 3, 2023
XDataServer and middleware (CORS) TMS WEB Core	1	605	March 18, 2020
How can I set some header lines in a TWebHttpRequest? TMS WEB Core	7	1134	August 26, 2022
CORS and Sphinx TMS Sphinx	5	798	April 13, 2023
CORS problem with client in Browser TMS XData	3	47	February 13, 2025

Middleware CORS - how can I add more than one origin

Related topics