CORS Configuration for the Gateway Service

Owned by Product Management
Last updated: Jun 14, 2023 by Mr. Schmittberger
1 min read

To enable CORS (Cross-Origin Resource Sharing) for the Gateway microservice the following parameters can be configured in the file <service-manager>\config\gateway-prod.yml

cors.enabled: true cors.domains: - https://www.alloweddomain1.de - https://www.alloweddomain2.de

The gateway-prod.yml file can also be used to configure the methods and headers allowed for CORS.
By default, the following methods and headers are configured:

cors.methods: - HEAD - GET - POST - PUT - DELETE - PATCH cors.headers: - X-Requested-With - Content-Type - Accept - Origin - Authorization - x-os-include-actions - x-os-include-links - x-os-sync-index

By defining cors.methods this list can be configured individually, replacing the default.

By defining cors.headers this list can be configured individually, extending the default.