nerdexam
ExamsPROFESSIONAL-CLOUD-DEVELOPERQuestions#146
GoogleGoogle

PROFESSIONAL-CLOUD-DEVELOPER · Question #146

PROFESSIONAL-CLOUD-DEVELOPER Question #146: Real Exam Question with Answer & Explanation

https://cloud.google.com/functions/docs/samples/functions-http-cors

Implementing Security

Question

You have an application that uses an HTTP Cloud Function to process user activity from both desktop browser and mobile application clients. This function will serve as the endpoint for all metric submissions using HTTP POST. Due to legacy restrictions, the function must be mapped to a domain that is separate from the domain requested by users on web or mobile sessions. The domain for the Cloud Function is You need to add a header to the function's HTTP response so that only those browser and mobile sessions can submit metrics to the Cloud Function. Which response header should you add?

Options

  • AAccess-Control-Allow-Origin: *
  • BAccess-Control-Allow-Origin: https://*.example.com
  • CAccess-Control-Allow-Origin: https://fn.example.com

Explanation

https://cloud.google.com/functions/docs/samples/functions-http-cors

Topics

#CORS#Cloud Functions#HTTP Headers#Web Security

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full PROFESSIONAL-CLOUD-DEVELOPER PracticeBrowse All PROFESSIONAL-CLOUD-DEVELOPER Questions