i have .net web api json service going called angularjs website. both website , web service hosted in same server, may or may not hosted within same iis site. @ moment, service exposed , can call it's method's browser. secure this, not sure best option be. ideally, think require client certificate, since client javascript, ie client side, not sure work. advice appreciated.
your cert extracted, simple use cors scope rules allow access designatted url's only
[enablecors(origins: "http://www.example.com", headers: "*", methods: "*")] 
Comments
Post a Comment