AZ-203 Exam QuestionsBrowse all questions from this exam
Go to Exam

AZ-203 Exam - Question 89

HOTSPOT -

You need to resolve the Shipping web site error.

How should you configre the Azure Table Storage service? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Exam AZ-203 Question 89
Show Answer
Correct Answer:
Exam AZ-203 Question 89

Box 1: AllowedOrigins -

A CORS request will fail if Access-Control-Allow-Origin is missing.

Scenario:

The following error message displays while you are testing the website:

Exam AZ-203 Question 89

Box 2: http://test-shippingapi.wideworldimporters.com

Syntax: Access-Control-Allow-Origin: *

Access-Control-Allow-Origin:

Access-Control-Allow-Origin: null

Specifies an origin. Only a single origin can be specified.

Box 3: AllowedOrigins -

Box 4: POST -

The only allowed methods are GET, HEAD, and POST. In this case POST is used.

"" "allowedmethods" Failed to load no "Access-control-Origin" header is present

References:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin

Discussion

8 comments
Sign in to comment
Regimiento
Dec 11, 2019

Second box should be http://test.wideworldimporters.com, as that is the origin from the error message.

Zhang
Dec 24, 2019

Yes, agreed, second box should be http://test.wideworldimporters.com. the last box either POST or GET. GET is also acceptable.

balddie
Jan 17, 2020

I disagree, the error is happening in the API calling the function app.

PHARKGAOYOU
Jun 18, 2020

go study well and come back, don't make confusion over here. The answer is indeed 2nd Box

Chilred
Jan 9, 2021

Even if you are right, you could add the prove ;)

RT007
Jun 25, 2020

second box is the correct answer

Chilred
Jan 9, 2021

Even if you are right, you could add the prove ;)

PHARKGAOYOU
Jun 18, 2020

go study well and come back, don't make confusion over here. The answer is indeed 2nd Box

Chilred
Jan 9, 2021

Even if you are right, you could add the prove ;)

RT007
Jun 25, 2020

second box is the correct answer

Chilred
Jan 9, 2021

Even if you are right, you could add the prove ;)

balddie
Jan 17, 2020

I disagree, the error is happening in the API calling the function app.

PHARKGAOYOU
Jun 18, 2020

go study well and come back, don't make confusion over here. The answer is indeed 2nd Box

Chilred
Jan 9, 2021

Even if you are right, you could add the prove ;)

RT007
Jun 25, 2020

second box is the correct answer

Chilred
Jan 9, 2021

Even if you are right, you could add the prove ;)

chintan4190
Mar 29, 2020

origin from the error message is without dot. it is "http://testwideworldimporters.com" where as in option it is http://test(dot)wideworldimporters.com.

oxaytol
Jun 14, 2020

In this case i think it is a typo error. The origin is http://testwideworldimporters.com, none of the choices matches this origin but if we assume the typo error, then http://test.wideworldimporters.com should be the answer

oxaytol
Jun 14, 2020

In this case i think it is a typo error. The origin is http://testwideworldimporters.com, none of the choices matches this origin but if we assume the typo error, then http://test.wideworldimporters.com should be the answer

PHARKGAOYOU
Jun 18, 2020

go study well and come back, don't make confusion over here. The answer is indeed 2nd Box

Chilred
Jan 9, 2021

Even if you are right, you could add the prove ;)

RT007
Jun 25, 2020

second box is the correct answer

hikari_se
Sep 5, 2020

Agree, this problem comes when the origins test.wideworldimporters.com is not allowed for accessing container API. The XML configuration here is for the API, so we have to accept the origin comes from test.wideworldimporters.com

Juanlu
Nov 30, 2020

Agree. BOX 1 & BOX3 for "Allowed Origin" value. Agree. BOX 2 should be this url (http://test.wideworldimporters.com) , assuming typo error exists in "dot"(...test(dot)wide...) as @oxaytol said. Agree also por BOX 4. GET and POST, are correct, so this is a correct answer.

Chilred
Jan 9, 2021

Even if you are right, you could add the prove ;)

Anonymous
Feb 7, 2021

Agree. For the last one, I think it should not include POST/PUT, because website only displays data. So, last one is either GET or GET, HEAD. I'd go with GET, HEAD.

dancsita
Feb 19, 2021

according to the Whizlabs you are right

AK89
May 27, 2020

2nd Box answer is correct as the request is generating from the website Url as given in the usecase. Although 4th box should be GET as the app is meant to display data as per the usecase

RT007
Jun 25, 2020

why AllowedMethod is Post it can also be Get. No where mentioned its using Post method

Gall
Feb 24, 2021

I would say it's POST as CosmosDB search query will be nested within BODY https://docs.microsoft.com/en-us/rest/api/cosmos-db/querying-cosmosdb-resources-using-the-rest-api

altafpatel1984
Nov 28, 2021

But here MongoDb is used, not Cosmos DB.

altafpatel1984
Nov 28, 2021

But here MongoDb is used, not Cosmos DB.

nikos2001
Jun 29, 2020

Website http://testwideworldimporters.com is calling the API. Web browser blocs the call, because this API is in a different domain. This API must me configured to accept calls from the source http://testwideworldimporters.com. https://docs.microsoft.com/en-us/rest/api/storageservices/cross-origin-resource-sharing--cors--support-for-the-azure-storage-services

chaudh
Jul 13, 2020

Box1 & Box3: AllowedOrigins Box2: http://*.wideworldiporters.com The question asks to resolve the Shipping web site error, not the testing. Use wildcard instead. https://docs.microsoft.com/en-us/rest/api/storageservices/cross-origin-resource-sharing--cors--support-for-the-azure-storage-services Box4: GET, PUT

chaudh
Jul 13, 2020

https://docs.microsoft.com/en-us/rest/api/storageservices/set-table-service-properties AllowedMethods Required if CorsRule element exists. A comma-separated list of HTTP methods that are allowed to be executed by the origin. For Azure Storage, permitted methods are DELETE, GET, HEAD, MERGE, POST, OPTIONS or PUT.

xofowi5140
Jul 15, 2020

For me that is not correct. I think only regex works or <AllowedOrigins> * <AllowedOrigins>

rrongcheng
Jul 29, 2020

I think the Bos 4 is: Get, Head, As it hasn't mentioned which CDN it uses, GET, HEAD is the best answer for Azure CDN from Microsoft. https://docs.microsoft.com/en-us/azure/cdn/cdn-how-caching-works

rrongcheng
Aug 5, 2020

It should be Get, as it's dynamic content so it will use Azure CDN from Akamai

Ave
Nov 7, 2020

both Get and Post are accepted https://docs.microsoft.com/en-us/azure/api-management/api-management-cross-domain-policies

Cornholioz
Dec 25, 2020

The link you pasted also mentions two origins: localhost and example.com. Does this mean 3rd option in Box2 could be right? Since the 2nd option has a typo. Maybe it's not a typo but simply a wrong answer?

mrpaul9
Jul 4, 2020

The answer provided is correct. Allowed Origin API Allowed Origin POST, GET If you have any doubt. The question is from Azure Storage Service perspective which is consumed by API. Please read the below https://docs.microsoft.com/en-us/rest/api/storageservices/cross-origin-resource-sharing--cors--support-for-the-azure-storage-services

xofowi5140
Jul 15, 2020

POST, GET is not an option