Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Google Exam Professional Cloud Developer Topic 1 Question 84 Discussion

Actual exam question for Google's Professional Cloud Developer exam
Question #: 84
Topic #: 1
[All Professional Cloud Developer Questions]

You have an application that uses an HTTP Cloud Function to process user activity from both desktop browser and mobile application clients. This function will serve as the endpoint for all metric submissions using HTTP POST.

Due to legacy restrictions, the function must be mapped to a domain that is separate from the domain requested by users on web or mobile sessions. The domain for the Cloud Function is https://fn.example.com. Desktop and mobile clients use the domain https://www.example.com. You need to add a header to the function's HTTP response so that only those browser and mobile sessions can submit metrics to the Cloud Function. Which response header should you add?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Filiberto at May 31, 2024, 03:32 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Developer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Justine
1 months ago
Hmm, I'm leaning towards B. Seems like a good compromise to allow any subdomain under example.com. Keeps things flexible, you know?
upvoted 0 times
...
Chi
1 months ago
Hold up, why not just make it accessible to everyone? I mean, who needs security these days, right? *wink wink*
upvoted 0 times
Francine
5 days ago
No, we need to restrict it to only the specified domains for security reasons.
upvoted 0 times
...
Keva
14 days ago
A) Access-Control-Allow-Origin: *
upvoted 0 times
...
...
Ronald
2 months ago
I agree with Bethanie. C is the way to go here. Gotta keep those pesky hackers out, you know?
upvoted 0 times
Gerald
11 days ago
C) Access-Control-Allow-Origin: https://fn.example.com
upvoted 0 times
...
Theodora
24 days ago
B) Access-Control-Allow-Origin: https://*.example.com
upvoted 0 times
...
Clorinda
1 months ago
A) Access-Control-Allow-Origin: *
upvoted 0 times
...
...
Bethanie
2 months ago
Option C is the correct answer. The Cloud Function should only allow requests from the domain that users access, which is https://www.example.com.
upvoted 0 times
Lorrie
25 days ago
C) Access-Control-Allow-Origin: https://fn.example.com
upvoted 0 times
...
Kelvin
26 days ago
B) Access-Control-Allow-Origin: https://*.example.com
upvoted 0 times
...
Hyman
1 months ago
A) Access-Control-Allow-Origin: *
upvoted 0 times
...
...
Allene
2 months ago
I agree with Ahmad, C) Access-Control-Allow-Origin: https://fn.example.com makes sense because it restricts submissions to the Cloud Function from the specific domain
upvoted 0 times
...
Lacresha
3 months ago
I disagree, I believe the header should be A) Access-Control-Allow-Origin: *
upvoted 0 times
...
Ahmad
3 months ago
I think the correct header to add is C) Access-Control-Allow-Origin: https://fn.example.com
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77