Cross-Origin Resource Sharing (cors)
Configuration for the Cross-Origin Resource Sharing (CORS).
Name | Type | Default | Description |
---|---|---|---|
allowCredentials | boolean | A boolean that indicates if the user credentials can be included in the request. | |
allowedHeaders | string | A comma-separated list of HTTP headers that are allowed to be used by the origin domain when making requests to the configured domain. If this is set to "*", it indicates the request can include any HTTP headers. | |
allowedMethods | string | A comma-separated list of HTTP methods allowed to be used by the origin domain when making requests to the configured domain. | |
allowedOrigins | string | null | A comma-separated list of origins that are allowed to access the configured domain. If this is set to "*", it indicates the resource is publicly accessible, with no access control checks. Also, the value of "null" indicates the domain must not be accessible. |
domain | string | The domain name represents the URL being setup with these CORS settings. | |
exposeHeaders | string | A comma-separated list of HTTP headers that are safe to expose to the calling API. | |
id | string | A unique configuration ID. | |
maxAge | long | A long that indicates how many seconds a response to a preflight request can be cached in the browser. |