CORS
The CORS section defines the CORS policy for your application.
allow_origins
: Specifies which origins are allowed.allow_methods
: Lists the HTTP methods allowed.allow_headers
: Headers that are allowed in requests.expose_headers
: Headers that are exposed in responses.allow_credentials
: Indicates whether credentials are supported.max_age
: Specifies the cache duration for preflight requests.
Example
"cors": {
"allow_origins": [
"https://example.com",
"https://example2.com"
],
"allow_methods": [
"GET",
"POST",
"PUT",
"DELETE"
],
"allow_headers": [
"Content-Type",
"Authorization"
],
"expose_headers": [
"Content-Type",
"Authorization"
],
"allow_credentials": true,
"max_age": 86400
}
Last updated