Hello-
I am running a frontend app on cloud run. When the backend server creates a redirect request to process a callback on the frontend app, cloud run response includes "access-control-allow-origin: *" from "
server: Google Frontend"
Chrome network trace shows the result was "CORS error" wildcard origin not allowed. The request for redirect header " origin: null" was included by Chrome.
How do we configure cloud run not to include access-contron-allpow-origin: * or send a custom origin matching the app custom domain hosted on cloud run?
Best answer by guillaume blaquiere
Hi Mali.
Cloud Run doesn’t include the allow origin header by itself. You app must do it. Review your code, your libraries, your configuration, you should have an existing layer that perform that operation.