I was walking through the example posted here for DSP authentication (fantastic walk through, by the way, thank you!):
Locally, I’m running the Angularjs application through the grunt web server via $grunt serve
Remotely, I’m running a free-hosted DSP at dreamfactory.com. I have setup CORS to allow ‘*’. This is working just fine!
My question is how I can limit the CORS configuration to only allow a connection from my home web server?
I’ve tried to create an entry for “localhost”, “127.0.0.1”, also the IP that is reported from whatismyip.com, the dns entry that my provider lists for my home IP when I ping it, a dyndns entry that I create for my home internet IP… None of them work, except for ‘*’ (which allows anyone to connect).
I don’t think that this is a DreamFactory issue, I think it is an educational issue for me to know what that CORS entry should look like to allow ONLY a connection from my home web server.
Am I missing something obvious?