CoreWebView2CustomSchemeRegistration.AllowedOrigins Property

  • Reference

Definition

Namespace:
Microsoft.Web.WebView2.Core
Assembly:
Microsoft.Web.WebView2.Core.dll
Package:
Microsoft.Web.WebView2 v1.0.1340-prerelease
Package:
Microsoft.Web.WebView2 v1.0.1369-prerelease
Package:
Microsoft.Web.WebView2 v1.0.1414-prerelease
Package:
Microsoft.Web.WebView2 v1.0.1466-prerelease
Package:
Microsoft.Web.WebView2 v1.0.1549-prerelease
Package:
Microsoft.Web.WebView2 v1.0.1587.40
Package:
Microsoft.Web.WebView2 v1.0.1619-prerelease
Package:
Microsoft.Web.WebView2 v1.0.1661.34
Package:
Microsoft.Web.WebView2 v1.0.1671-prerelease
Package:
Microsoft.Web.WebView2 v1.0.1722.45
Package:
Microsoft.Web.WebView2 v1.0.1724-prerelease
Package:
Microsoft.Web.WebView2 v1.0.1774.30
Package:
Microsoft.Web.WebView2 v1.0.1777-prerelease
Package:
Microsoft.Web.WebView2 v1.0.1823.32
Package:
Microsoft.Web.WebView2 v1.0.1829-prerelease
Package:
Microsoft.Web.WebView2 v1.0.1901.177
Package:
Microsoft.Web.WebView2 v1.0.1905-prerelease
Package:
Microsoft.Web.WebView2 v1.0.1938.49
Package:
Microsoft.Web.WebView2 v1.0.1988-prerelease
Package:
Microsoft.Web.WebView2 v1.0.2045.28
Package:
Microsoft.Web.WebView2 v1.0.2065-prerelease
Package:
Microsoft.Web.WebView2 v1.0.2088.41
Package:
Microsoft.Web.WebView2 v1.0.2106-prerelease
Package:
Microsoft.Web.WebView2 v1.0.2151.40
Package:
Microsoft.Web.WebView2 v1.0.2164-prerelease
Package:
Microsoft.Web.WebView2 v1.0.2194-prerelease
Package:
Microsoft.Web.WebView2 v1.0.2210.55
Package:
Microsoft.Web.WebView2 v1.0.2277.86
Package:
Microsoft.Web.WebView2 v1.0.2357-prerelease
Package:
Microsoft.Web.WebView2 v1.0.2365.46
Package:
Microsoft.Web.WebView2 v1.0.2415-prerelease
Package:
Microsoft.Web.WebView2 v1.0.2420.47
Package:
Microsoft.Web.WebView2 v1.0.2470-prerelease
Package:
Microsoft.Web.WebView2 v1.0.2478.35
Package:
Microsoft.Web.WebView2 v1.0.2526-prerelease

List of origins that are allowed to issue requests with the custom scheme, such as XHRs and subresource requests that have an Origin header.

public System.Collections.Generic.List<string> AllowedOrigins { get; set; }
member this.AllowedOrigins : System.Collections.Generic.List<string> with get, set
Public Property AllowedOrigins As List(Of String)

Property Value

List<String>

Remarks

The origin of any request (requests that have the [Origin header](https://developer.mozilla.org/docs/Web/HTTP/Headers/Origin)) to the custom scheme URI needs to be in this list. No-origin requests are requests that do not have an Origin header, such as link navigations, embedded images and are always allowed. Note that cross-origin restrictions still apply. From any opaque origin (Origin header is null), no cross-origin requests are allowed. If the list is empty, no cross-origin request to this scheme is allowed. Origins are specified as a string in the format of scheme://host:port. The origins are string pattern matched with * (matches 0 or more characters) and ? (matches 0 or 1 character) wildcards just like the URI matching in the AddWebResourceRequestedFilter(String, CoreWebView2WebResourceContext) API. For example, http://*.example.com:80.

Here's a set of examples of what is allowed or not:

Request URIOriginating URLAllowedOriginsAllowed
custom-scheme:requesthttps://www.example.com{"https://www.example.com"}Yes
custom-scheme:requesthttps://www.example.com{"https://*.example.com"}Yes
custom-scheme:requesthttps://www.example.com{"https://www.example2.com"}No
custom-scheme-with-authority://host/pathcustom-scheme-with-authority://host2{""}No
custom-scheme-with-authority://host/pathcustom-scheme-with-authority2://host{"custom-scheme-with-authority2://*"}Yes
custom-scheme-without-authority:pathcustom-scheme-without-authority:path2{"custom-scheme-without-authority:*"}No
custom-scheme-without-authority:pathcustom-scheme-without-authority:path2{"*"}Yes

Applies to