I've created a self hosting Owin/SignalR app with code similar to the code in this tutorial:
SignalR Self Host Tutorial
Everything works, but for security-sake, I'd like to limit it to only allow messages from a specific remote site. In other words, I'd like to replace the "app.UseCors(CorsOptions.AllowAll);" line with code to confine the app to only responding to messages from a URL that I define, i.e. only allow messages from, say, http://www.remote_site.com or something. Is there any easy way to do this?
For reference, here is the code for my SignalR startup class:
using System;
using Microsoft.AspNet.SignalR;
using Microsoft.Owin.Hosting;
using Owin;
using Microsoft.Owin.Cors;
namespace SignalRSelfHost
{
public class Startup
{
public void Configuration(IAppBuilder app)
{
app.UseCors(CorsOptions.AllowAll);
app.MapSignalR();
// How do I only allow a specific URL instead of the "CorsOptions.AllowAll" option?
}
}
}
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…