Deployment Manual / 3.15.2 CAE CORS Properties (unused)

Deployment Manual / Version 2506.0

Table Of Contents

3.15.2 CAE CORS Properties (unused)

Caution

Caution

Note that the cae.cors.* configuration properties are not used anymore. The generalized cors.* configuration properties must be used instead. See Section 3.15.1, “CORS Properties”

`cae.cors.allow-credentials-for-url-pattern`
Type	`Map<String,Boolean>`
Description	Map of whether user credentials are supported, based on URL patterns. Example: cae.cors.allow-credentials-for-url-pattern[{path\:.*}]=true See Javadoc for more information on CORS configuration for the CAE.
Deprecation	This property has been deprecated since 2506.0.0 and will be removed in a future version. Use `cors.allow-credentials-for-url-pattern` instead. Reason: Unified CORS configurations for delivery applications.
`cae.cors.allowed-headers-for-url-pattern`
Type	`Map<String,List<String>>`
Description	Map of headers that a pre-flight request can list as allowed for use during an actual request, based on URL patterns. A header name is not required to be listed if it is one of: Cache-Control, Content-Language, Expires, Last-Modified or Pragma. Example: cae.cors.allowed-headers-for-url-pattern[{path\:.*}]=x-requested-with,x-csrf-token See Javadoc for more information on CORS configuration for the CAE.
Deprecation	This property has been deprecated since 2506.0.0 and will be removed in a future version. Use `cors.allowed-headers-for-url-pattern` instead. Reason: Unified CORS configurations for delivery applications.
`cae.cors.allowed-methods-for-url-pattern`
Type	`Map<String,List<String>>`
Description	Map of HTTP methods to allow, based on URL patterns. Example: cae.cors.allowed-methods-for-url-pattern[{path\:.*}]=GET,POST,PUT See Javadoc for more information on CORS configuration for the CAE.
Deprecation	This property has been deprecated since 2506.0.0 and will be removed in a future version. Use `cors.allowed-methods-for-url-pattern` instead. Reason: Unified CORS configurations for delivery applications.
`cae.cors.allowed-origins-for-url-pattern`
Type	`Map<String,List<String>>`
Description	Map of origins to allow, based on URL patterns. Example: cae.cors.allowed-origins-for-url-pattern[{path\:.*}]=https://domain1.com,https://domain2.com In the preview CAE, this property may e.g. be configured with the Studio host in order to allow AJAX requests from the Studio to the CAE. See Javadoc for more information on CORS configuration for the CAE.
Deprecation	This property has been deprecated since 2506.0.0 and will be removed in a future version. Use `cors.allowed-origins-for-url-pattern` instead. Reason: Unified CORS configurations for delivery applications.
`cae.cors.exposed-headers-for-url-pattern`
Type	`Map<String,List<String>>`
Description	Map of response headers other than simple headers (i.e. Cache-Control, Content-Language, Content-Type, Expires, Last-Modified or Pragma) that an actual response might have and can be exposed, based on URL patterns. Example: cae.cors.exposed-headers-for-url-pattern[{path\:.*}]=x-requested-with,x-csrf-token See Javadoc for more information on CORS configuration for the CAE.
Deprecation	This property has been deprecated since 2506.0.0 and will be removed in a future version. Use `cors.exposed-headers-for-url-pattern` instead. Reason: Unified CORS configurations for delivery applications.
`cae.cors.max-age-for-url-pattern`
Type	`Map<String,Duration>`
Description	Map of how long, as a duration, the response from a pre-flight request can be cached by clients, based on URL patterns. Example: cae.cors.max-age-for-url-pattern[{path\:.*}]=3m See Javadoc for more information on CORS configuration for the CAE.
Deprecation	This property has been deprecated since 2506.0.0 and will be removed in a future version. Use `cors.max_age-for-url-pattern` instead. Reason: Unified CORS configurations for delivery applications.

Table 3.64. Configuration Properties with Prefix cae.cors (unused)

Search Results

Table Of Contents