<PackageReference Include="Azure.Storage.Blobs" Version="12.25.0-beta.1" />

BlobCorsRule

public class BlobCorsRule : IXmlSerializable
CORS is an HTTP feature that enables a web application running under one domain to access resources in another domain. Web browsers implement a security restriction known as same-origin policy that prevents a web page from calling APIs in a different domain; CORS provides a secure way to allow one domain (the origin domain) to call APIs in another domain.
public string AllowedHeaders { get; set; }

the request headers that the origin domain may specify on the CORS request.

public string AllowedMethods { get; set; }

The methods (HTTP request verbs) that the origin domain may use for a CORS request. (comma separated).

public string AllowedOrigins { get; set; }

The origin domains that are permitted to make a request against the storage service via CORS. The origin domain is the domain from which the request originates. Note that the origin must be an exact case-sensitive match with the origin that the user age sends to the service. You can also use the wildcard character '*' to allow all origin domains to make requests via CORS.

public string ExposedHeaders { get; set; }

The response headers that may be sent in the response to the CORS request and exposed by the browser to the request issuer.

public int MaxAgeInSeconds { get; set; }

The maximum amount time that a browser should cache the preflight OPTIONS request.

public BlobCorsRule()

Creates a new BlobCorsRule instance.