staticResourcesCacheControlPattern
Section: web
Default Value: ^(http)://.*$
Valid Values: ^(http)://.*$
Changes Take Effect: After restart
This regular expression defines the URL pattern of static resources that will be affected by the behavior prescribed by the staticResourcesCacheControl option.
The default pattern (^(http)://.*$) indicates "all static resources accessed through the http schema.”
The wildcard (.*) indicates “all static resources.”
staticResourcesCacheControl
Section: web
Default Value: public, max-age=1800
Valid Values: See below
Changes Take Effect: After server restart
Define configuration of cache-control header for static web resources.
jsonp.whiteList
Section: web
Default Value: ^_gt\.setCategory$, ^_gt\.setDSL$ , ^jQuery\d*_\d*$
Valid Values: A comma-delimited list of regular expressions, each of which specifies the name of one of the allowed callback functions. These names normally have a format of obj.callback.
Changes Take Effect: After server restart
Introduced: 8.5.000.42
Defines a white list of regular expressions that specify the object and callback names allowed for JSONP requests.
cors.urlMapping
Section: web
Default Value: *
Valid Values: Any string that contains a URL mapping parameter that follows the Servlet 3.0 mapping specification (chapter 12.2 Specification of Mappings), as documented at http://download.oracle.com/otn-pub/jcp/servlet-3.0-fr-eval-oth-JSpec/servlet-3_0-final-spec.pdf.
Changes Take Effect: After server restart
Defines a filter mapping with the given URL patterns and dispatcher types for the CORS Filter.
cors.allowedOrigins
Section: web
Default Value: *
Valid Values: See the explanation in the description.
Changes Take Effect: After server restart
A comma-separated list of origins that are allowed to access the resources. The default value is *, meaning all origins. If an allowed origin contains one or more * characters (for example http://*.domain.com), then * characters are converted to .*, . characters are escaped to \., and the resulting allowed origin is interpreted as a regular expression. Allowed origins can therefore be more complex expressions such as https?://*.domain.[a-z]{3}, which matches either http or https, multiple subdomains, and any 3 letter top-level domain, such as .com, .net, or .org.
cors.allowedMethods
Section: web
Default Value: GET,POST,OPTIONS,HEAD,DELETE
Valid Values: Comma-separated list of valid HTTP methods
Changes Take Effect: After server restart
Introduced: 8.5.000.29
A comma separated list of HTTP methods that are allowed to be specified when accessing the resources.
cors.allowedHeaders
Section: web
Default Value: x-requested-with,content-type,accept,origin,authorization,cookie
Valid Values: Comma-separated list of HTTP headers
Changes Take Effect: After server restart
A comma-separated list of HTTP headers that are allowed to be specified when accessing the resources. If the value is a single *, this means that any headers will be accepted.
web Section
Contents
These settings are used for configuring web access to GWE Server.
Click an option to view its properties: