Jeff Sanders Technical Blog

I am a Microsoft employee that has worked on all aspects of the Web Stack for a long time. I hope these blogs are useful to you! Use this information at your own risk.


Earlier Posts

SendGrid – Stopped sending emails due to SendGrid changing authentication requirements for the Sender of the email


Again… just a quick post.  The UI will not validate and allow you to add capacitor://localhost to the CORS settings in Azure App Services.  Here are two ways to work around it.


Super simple.  Enable “Always on” for the web site.


There are a few reasons Azure App Services (Azure Web Apps, Azure Function Apps etc…) may get a 403 response.  Other than the code itself returning this, Access Restrictions or IP Restrictions could be at play (and you can mitigate with this knowledge).


Application Insights is a powerful tool to visualize what is happening with your application.  This quick query shows how to chart when instances are added and removed


Using Easy Auth you might see this error: Failed to load https://login.windows.net/….: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘https://sitename.azurewebsites.net‘ is therefore not allowed access. If an opaque response serves your needs, set the request’s mode to ‘no-cors’ to fetch the resource with CORS disabled.


Using Graph Bindings with Node.JS Azure


EasyAuth (https://cgillum.tech/category/easy-auth/)  generates an internal access token ‘x-ms-token-aad-access-token‘.  By default this token is an internal only format that you can’t use as a bearer token (it does not even look like one).  You can utilize an unpublished (until now) feature to authenticate against another resource and this will result in a bearer token being generated that you can use to access that resource.  The concept is that you can add additional login parameters that authenticate you against the object you wish to get an access token for.  So you log into that resource and an access token is generated for you by Easy Auth.  Special thanks to Connor McMahon who helped me get this all figured out!


Azure App Services has a way to retrieve and analyze a memory dump of your app right from the portal.  This is a quick reference on how to use this feature


In this example I am showing how you can script setting the properties correctly in script to set a Scale operation based on some values you want.


If your case is closed and for some reason you problem is not resolved or re-occurs you can follow these instructions to view your past cases.  Once in that view, you can send a message and this will re-open the issue.


You may want to restrict what verbs you allow to your web apps in Azure App Services.  The way you do this is really no different than how you would do this for these web servers on premise or in a VM!