I have a react app hosted via cloudfront which is ...
# helpj
Jack G
12/23/2021, 3:36 PMI have a react app hosted via cloudfront which is displayed in an iframe in a 3rd party platform (it's a zendesk application that points to the cloudfront url) and i'm trying to lock it down so that only requests to load content from zendesk are allowed. Zendesk has a feature where it can send a jwt as POST request on the initial page request but i'm having trouble as it doesn't seem possible to deny the request if the jwt is invalid on that one POST request (other GET requests to the content hosted in the s3 origin still make it through) is there any way to accomplish this? I appreciate it's probably a niche issue
g
Gabriel Araújo
12/23/2021, 3:59 PMCORS
Gabriel Araújo
12/23/2021, 3:59 PMGabriel Araújo
12/23/2021, 4:04 PMallow only the zendesk domain to fetch resources from the server..
f
Frank
12/23/2021, 4:13 PM
Thanks @Gabriel Araújo 🎯