Property name
|
Description
|
Data types
|
Default
|
Range
|
allowAll
|
Specifies that CORS filter allow every client request. If this property is set to true, all the other CORS properties values are ignored by the CORS filter.
|
Boolean
|
true
|
true or false
|
allowDomains
|
Specifies the domains that can make server requests.
|
String
|
*
|
|
allowSubdomains
|
Specifies if subdomains of the permitted domains be allowed to make server requests.
|
Boolean
|
false
|
true or false
|
allowMethods
|
Specifies valid HTTP method names.
|
String
|
GET,
PUT,
POST,
DELETE
|
Valid HTTP methods in upper case.
|
messageHeaders
|
Specifies the message header to be passed as a header to the server. If you are passing multiple messages, you must specify a comma-separated list of messages.
|
String
|
Refer to the footnote.
|
Any valid string
|
responseHeaders
|
Specifies the message header to be received by the client as a header from the server. If you are passing multiple messages, you must specify a comma-separated list of messages.
|
String
|
Refer to the footnote.
|
Any valid string
|
supportCredentials
|
Controls whether the CORS filter allows the client to send user credentials in the form of a COOKIE.
|
Boolean
|
true
|
true or false
|
maxAge
|
Specifies the maximum time (in seconds) for an application resource to be granted on request. After the specified time, the resource grant is revoked and the client must request access again. To set maximum time to infinity, set maxAge to -1.
|
Integer
|
-1
|
|