Only allow specific domain access to web api

Question

Only allow specific domain access to web api

I have a web api that I created.

I want only a certain domain to be able to access this data; I do not want everyone to access it. Is this achievable? Is this recommended? How would I do this, or could someone point me in the right direction - articles, etc.

Thank you all

+4

asp.net-web-api

Ilyas Oct 29 '13 at 8:23

source share

2 answers

Nenad · Answer 1 · 2013-10-29T08:33:21+0000

There is built-in support for "CORS for ASP.NET Web API" version 2 (MVC5): http://aspnetwebstack.codeplex.com/wikipage?title=CORS%20support%20for%20ASP.NET%20Web%20API

Jos Vinke · Answer 2 · 2013-10-29T08:34:22+0000

, , . , . , , .

:

var currentReferrer = HttpContext.Current.Request.UrlReferrer.GetLeftPart(UriPartial.Path);
if (currentReferrer != requiredReferrer)
{
            // Not the right domain.
}

, , :

HTTP Referer, , . Referer, , Referer, FTP HTTPS. Referer -, Referer . , Flash ( 9.0.18) Flash GET POST HTTP- CRLF Injection. [22] CRLF HTTP-.

: :

Only allow specific domain access to web api

More articles: