CORS configuration profile.
Configures cross-origin resource sharing (CORS) as per w3c CORS specification.
| Field Name |
Type |
Since Version |
Description |
origins |
[String] |
|
List of origins for this CORS Profile |
allowedHeaders |
[String] |
|
List of headers… |
exposedHeaders |
[String] |
|
List of headers… |
supportCredentials |
Boolean |
|
Specifies whether or credentials are supported for APIs/API Methods employing this CORS Profile. |
maxAgeSeconds |
Long |
|
Specifies the amount of time responses to OPTIONS requests are stored, in seconds, in the preflight result cache |
name |
String |
|
Unique name of the Profile |
isDefault |
Boolean |
|
Indicates that this is the default profile. There can be only one default. |
{
"name" : "Default Security Profile",
"isDefault" : false,
"origins" : [ "http://api.google.com", "http://api.flickr.com" ],
"allowedHeaders" : [ "X-Request-Value", "X-Hello-World" ],
"exposedHeaders" : [ "X-Trace", "X-CorrelationID" ],
"supportCredentials" : false,
"maxAgeSeconds" : 84600
}