After the recent changes to how CORS works with Azure (https://docs.microsoft.com/answers/questions/6842/announcement-samesite-cookie-handling-and-net-fram.html) our site is no longer working, and I can't find out why.
The web.config contains the following under customHeaders:-
[Attached web.config] - 2951-webconfig.txt
On the Azure Portal I have enabled CORS with an Allowed Origin of *
The site loads items from subdomains of itself, rather than from other sites (e.g. if the User is logged in to the URL 'bob.website.com' it will load bits from 'x.website.com', 'y.website.com' and 'z.website.com').
It worked on Azure prior to this change, and still works if I publish it to other hosts.
Anyone able to point me to what else I need to do to get this working again please?