asp.net-core – Cross-Origin Requests (CORS) – More sophisticated CORS policies

The policy builder allows you to build sophisticated policies.

app.UseCors(builder =>
{
    builder.WithOrigins("http://localhost:5000", "http://myproductionapp.com")
           .WithMethods("GET", "POST", "HEAD")
           .WithHeaders("accept", "content-type", "origin")
           .SetPreflightMaxAge(TimeSpan.FromDays(7));
});

This policy only allows the origins http://localhost:5000 and http://myproductionapp.com with only the GET, POST and HEAD methods and only accepts the accept, content-type and origin HTTP headers. The SetPreflightMaxAge method causes the browsers to cache the result of the preflight request (OPTIONS) to be cached for the specified amount of time.

if you want to reproduce, please indicate the source:
asp.net-core – Cross-Origin Requests (CORS) – More sophisticated CORS policies - CodeDay