cae.cors.allow-credentials-for-url-pattern
Type
java.util.Map<java.lang.String,java.lang.Boolean>
Default
Description
Map of whether user credentials are supported, based on URL patterns.
Example:
cae.cors.allow-credentials-for-url-pattern[{path\:.*}]=true
See Javadoc for more information on CORS configuration for the CAE.
cae.cors.allowed-headers-for-url-pattern
Type
java.util.Map<java.lang.String,java.util.List<java.lang.String>>
Default
Description
Map of headers that a pre-flight request can list as allowed for use
during an actual request, based on URL patterns.
A header name is not required to be listed if it is one of:
Cache-Control , Content-Language ,
Expires , Last-Modified or
Pragma .
Example:
cae.cors.allowed-headers-for-url-pattern[{path\:.*}]=x-requested-with,x-csrf-token
See Javadoc for more information on CORS configuration for the CAE.
cae.cors.allowed-methods-for-url-pattern
Type
java.util.Map<java.lang.String,java.util.List<java.lang.String>>
Default
Description
Map of HTTP methods to allow, based on URL patterns.
Example:
cae.cors.allowed-methods-for-url-pattern[{path\:.*}]=GET,POST,PUT
See Javadoc for more information on CORS configuration for the CAE.
cae.cors.allowed-origins-for-url-pattern
Type
java.util.Map<java.lang.String,java.util.List<java.lang.String>>
Default
Description
Map of origins to allow, based on URL patterns.
Example:
cae.cors.allowed-origins-for-url-pattern[{path\:.*}]=https://domain1.com,https://domain2.com
In the preview CAE, this property may e.g. be configured with the
Studio host in order to allow AJAX requests from the Studio to the
CAE.
See Javadoc for more information on CORS configuration for the CAE.
cae.cors.exposed-headers-for-url-pattern
Type
java.util.Map<java.lang.String,java.util.List<java.lang.String>>
Default
Description
Map of response headers other than simple headers (i.e.
Cache-Control , Content-Language ,
Content-Type , Expires ,
Last-Modified or Pragma ) that an
actual response might have and can be exposed, based on URL patterns.
Example:
cae.cors.exposed-headers-for-url-pattern[{path\:.*}]=x-requested-with,x-csrf-token
See Javadoc for more information on CORS configuration for the CAE.
cae.cors.max-age-for-url-pattern
Type
java.util.Map<java.lang.String,java.time.Duration>
Default
Description
Map of how long, as a duration, the response from a pre-flight request
can be cached by clients, based on URL patterns.
Example:
cae.cors.max-age-for-url-pattern[{path\:.*}]=3m
See Javadoc for more information on CORS configuration for the CAE.