Mapping a custom domain (CNAME) to azure storage to solve CORS related issues?

StackOverflow https://stackoverflow.com/questions/21626928

Question

I believe in the last few days (around 4th Feb 2014), Microsoft announced CORS support for Azure Storage (link here) which is obviously a great idea.

In my case, I just wanted to find some confirmation of using a custom domain to map to azure storage which would solve an issue as follows:

  1. Azure storage has a container with assets (images/docs etc)
  2. I also have css/js assets there in azure storage too

Because at present the azure storage location is something like mystorage.blob.core.windows.net and my actual domain (where pages/services live) is say www.mydomain.com, I get CORS issues loading assets from a different domain of course.

So my question is if I do map a CNAME (for example assets.mydomain.com) to azure storage, will this solve the CORS related issues? Seems to me it should, however I wanted to check if others had a similar experience that they could comment on?

Thanks in advance.

Was it helpful?

Solution

You shouldn't get CORS issues loading assets, if they're just being loaded via link, script and img tags and the like. CORS only applies to AJAX requests made by JavaScript code in browsers.

Also, if the CORS rules are correctly configured on the Azure Storage account Blob service, the domain you use to address the account is irrelevant; it's the domain the current web page was served from (the Origin domain) that must be accepted by the CORS-enabled service.

So for example, if your page is served from yaysite.com, and you try to access a resource on yay.blob.core.windows.net using an XMLHttpRequest, the browser will add an Origin header to the request:

Origin: http://yaysite.com

The server at yay.blob.core.windows.net then needs to return an Access-Control-Allow-Origin header matching that to the response headers:

Access-Control-Allow-Origin: http://yaysite.com

If the browser doesn't see this header in the response, it will discard the data and the XMLHttpRequest object will trigger the error event.

Setting CORS rules on Azure Storage is described in this MSDN blog post.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top