`Athena::Framework::Bundle::Schema::Cors::Defaults`#

CORS defaults that affect all routes globally.

Configuration Properties

`allow_credentials`#

type:

Bool

default:

false

Indicates whether the request can be made using credentials.

Maps to the access-control-allow-credentials header.

`allow_origin`#

type:

Array(String | Regex)

default:

[] of String | Regex

A white-listed array of valid origins. Each origin may be a static String, or a Regex.

Can be set to ["*"] to allow any origin.

`allow_headers`#

type:

Array(String)

default:

[] of String

The header or headers that can be used when making the actual request.

Can be set to ["*"] to allow any headers.

maps to the access-control-allow-headers header.

`expose_headers`#

type:

Array(String)

default:

[] of String

Array of headers that the browser is allowed to read from the response.

Maps to the access-control-expose-headers header.

`allow_methods`#

type:

Array(String)

default:

ATH::Listeners::CORS::SAFELISTED_METHODS

The method(s) allowed when accessing the resource.

Maps to the access-control-allow-methods header. Defaults to the CORS-safelisted methods.

`max_age`#

type:

Int32

default:

0

Number of seconds that the results of a preflight request can be cached.

Maps to the access-control-max-age header.

Athena::Framework::Bundle::Schema::Cors::Defaults#

Configuration Properties

allow_credentials#

allow_origin#

allow_headers#

expose_headers#

allow_methods#

max_age#

`Athena::Framework::Bundle::Schema::Cors::Defaults`#

`allow_credentials`#

`allow_origin`#

`allow_headers`#

`expose_headers`#

`allow_methods`#

`max_age`#