0

My .NET solution uses jQuery and webservices for ajax. I'm looking for a way to restrict the access to the webservices only for my own domain. Is there a way to do that?

Improve this question

2 Answers 2

Reset to default
3

this link might be helpful you can specify the request origin as

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
  <cross-domain-access>
    <policy>
      <allow-from http-request-headers="YOUR_SERVICE_NAME">
        <domain uri="http://YOUR_DOMAIN.com"/>
      </allow-from>
      <grant-to>
        <resource path="/" include-subpaths="true"/>
      </grant-to>
    </policy>
  </cross-domain-access>
</access-policy>
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

A web service is the same as any other HTTP-based resource, e.g. network rules (such as on a firewall) can be applied. If your web service was created as a WCF endpoint, you have granular security controls available to you, including claims-based authentication where the originating domain can be a claim.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.