To enable CORS (…) the following setting must be enabled in the gateway-prod.yml (or other gateway-xxx.yml)Cross-Origin Resource Sharing) for the Gateway microservice the following parameters can be configured in the file <service-manager>\config\gateway-prod.yml
Code Block |
---|
cors.enabled: true cors.domains: - https://www.alloweddomain1.de - https://www.alloweddomainalloweddomain2.de |
The gateway-prod.yml file can also be used to configure the methods and headers allowed for CORS.
By default, the following methods and headers are configured:
Code Block |
---|
cors.methods: - HEAD - GET - POST - PUT - DELETE - PATCH |
By defining cors.methods, this list can be configured individually, replacing the default.
...
cors.headers: - X-Requested-With |
...
- Content-Type |
...
- Accept - Origin - Authorization - x-os-include-actions |
...
- x-os-include-links |
...
- x-os-sync-index |
This can be extended by defining the cors.header list:
...
By defining cors.methods this list can be configured individually, replacing the default.
By defining cors.headers this list can be configured individually, extending the default.