I need to specify the "Access-Control-Allow-Origin" as a non-wildcard since my client sends access information through its cookie and sets "withCredentials: true" (and probably good practice to not leave as a wildcard). I have scoured and found that one way to do this is to set Access-Control-Allow-Origin to the client's origin (providing a check that this is an expected origin).
I see how it can be done using PHP...: Access-Control-Allow-Origin Multiple Origin Domains?
I also see the following: Access-control-allow-origin with multiple domains
However, my values for WebOperationContext.Current and OperationContext.Current are always null! I have toyed with service attributes settings with no success.
Any help on why the operation context is null is greatly appreciated!