Review environment sets WILDCARD_ENBALED=true which disables origin-checks in the cloud function #13354
Description
Summary
Lately some usage of resources under /shared-assets have been merged into content that were failing on stage and prod environments. Example
The issue has been resolved by allowing main and interactive examples origins as well for these assets by the cloud function's proxy.
The reason why this problem did not come up earlier is that the review environment has WILDCARD_ENABLED set, which basically disables all origin-checks in the cloud function.
For better parity with the prod and stage environments, it would be helpful to lock the origin check down there as well, maybe with something like *.review.mdn.allizom.org as the main origin.
URL
Reproduction steps
- See this issue in content
Expected behavior
I want the same behaviour in review/prod/stage environments
Actual behavior
Shared assets on the review environment worked, but failed on prod/stage environments
Device
Desktop
Browser
Chrome
Browser version
Stable
Operating system
Android
Screenshot
No response
Anything else?
No response
Validations
- I have read the Community Participation Guidelines.
- I have verified that there isn't already an issue that reports the same bug to avoid creating a duplicate.
- I have checked that this is a concrete bug. For Q&A open a GitHub Discussion.