Jump to: navigation, search

staticResourcesCacheControlPattern

Section: web
Default Value: ^(http)://.*$
Valid Values: ^(http)://.*$
Changes Take Effect: After restart


This regular expression defines the URL pattern of static resources that will be affected by the behavior prescribed by the staticResourcesCacheControl option.

The default pattern (^(http)://.*$) indicates "all static resources accessed through the http schema.”

The wildcard (.*) indicates “all static resources.”

staticResourcesCacheControl

Section: web
Default Value: public, max-age=1800
Valid Values: See below
Changes Take Effect: After server restart


Define configuration of cache-control header for static web resources.

jsonp.whiteList

Section: web
Default Value: ^_gt\.setCategory$, ^_gt\.setDSL$ , ^jQuery\d*_\d*$
Valid Values: A comma-delimited list of regular expressions, each of which specifies the name of one of the allowed callback functions. These names normally have a format of obj.callback.
Changes Take Effect: After server restart
Introduced: 8.5.000.42

Defines a white list of regular expressions that specify the object and callback names allowed for JSONP requests.

cors.urlMapping

Section: web
Default Value: *
Valid Values: Any string that contains a URL mapping parameter that follows the Servlet 3.0 mapping specification (chapter 12.2 Specification of Mappings), as documented at http://download.oracle.com/otn-pub/jcp/servlet-3.0-fr-eval-oth-JSpec/servlet-3_0-final-spec.pdf.
Changes Take Effect: After server restart


Defines a filter mapping with the given URL patterns and dispatcher types for the CORS Filter.

cors.allowedOrigins

Section: web
Default Value: *
Valid Values: See the explanation in the description.
Changes Take Effect: After server restart


A comma-separated list of origins that are allowed to access the resources. The default value is *, meaning all origins. If an allowed origin contains one or more * characters (for example http://*.domain.com), then * characters are converted to .*, . characters are escaped to \., and the resulting allowed origin is interpreted as a regular expression. Allowed origins can therefore be more complex expressions such as https?://*.domain.[a-z]{3}, which matches either http or https, multiple subdomains, and any 3 letter top-level domain, such as .com, .net, or .org.

cors.allowedMethods

Section: web
Default Value: GET,POST,OPTIONS,HEAD,DELETE
Valid Values: Comma-separated list of valid HTTP methods
Changes Take Effect: After server restart
Introduced: 8.5.000.29

A comma separated list of HTTP methods that are allowed to be specified when accessing the resources.

cors.allowedHeaders

Section: web
Default Value: x-requested-with,content-type,accept,origin,authorization,cookie
Valid Values: Comma-separated list of HTTP headers
Changes Take Effect: After server restart


A comma-separated list of HTTP headers that are allowed to be specified when accessing the resources. If the value is a single *, this means that any headers will be accepted.

web Section

Contents

These settings are used for configuring web access to GWE Server.

Click an option to view its properties:

cors.allowedHeaders

cors.allowedMethods

cors.allowedOrigins

cors.urlMapping

jsonp.whiteList

staticResourcesCacheControl

staticResourcesCacheControlPattern

This page was last edited on October 31, 2019, at 20:29.
Comments or questions about this documentation? Contact us for support!