context.Response.Clear(); context.Response.ContentType = "text/plain"; context.Response.ContentEncoding = System.Text.Encoding.UTF8; var host = context.Request.UrlReferrer?.Host?.TrimEnd('/'); //log.Info($"Host:https://{host.Replace("https://", "")}"); if (PublicClass.OA_AllowOrigin != null && !string.IsNullOrEmpty(host)) { if (PublicClass.OA_AllowOrigin.Contains(host)) context.Response.AddHeader("Access-Control-Allow-Origin", $"{context.Request.UrlReferrer.Scheme}://{host}"); } else { context.Response.AddHeader("Access-Control-Allow-Origin", "*"); } context.Response.AddHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE, HEAD,PUT"); context.Response.AddHeader("Access-Control-Max-Age", "3600"); context.Response.AddHeader("Access-Control-Allow-Headers", "access-control-allow-origin, authority, content-type, version-info, X-Requested-With"); context.Response.AddHeader("Access-Control-Allow-Credentials", "true");