Hello! Guys, I have specific content that I want to prevent other sites from getting GET to get them. That is, I will only allow one, but I need to know if there is a way to verify if the site X that allowed to make the request really is itself. Because if it is not, I'll show you a 404.
In other words, is there a way to verify that the Access-Control-Allow-Origin URL is the same as the site URL that you allowed?