Jump to: navigation, search

web Section



     


cors.allowedHeaders

Default Value: x-requested-with,content-type,accept,origin,authorization,cookie
Valid Values: Comma-separated list of HTTP headers
Changes Take Effect: After server restart


A comma-separated list of HTTP headers that are allowed to be specified when accessing the resources. If the value is a single *, this means that any headers will be accepted.

cors.allowedMethods

Default Value: GET,POST,OPTIONS,HEAD,DELETE
Valid Values: Comma-separated list of valid HTTP methods
Changes Take Effect: After server restart
Introduced: 8.5.000.29

A comma separated list of HTTP methods that are allowed to be specified when accessing the resources.

cors.allowedOrigins

Default Value: *
Valid Values: See the explanation in the description.
Changes Take Effect: After server restart


A comma-separated list of origins that are allowed to access the resources. The default value is *, meaning all origins. If an allowed origin contains one or more * characters (for example http://*.domain.com), then * characters are converted to .*, . characters are escaped to \., and the resulting allowed origin is interpreted as a regular expression. Allowed origins can therefore be more complex expressions such as https?://*.domain.[a-z]{3}, which matches either http or https, multiple subdomains, and any 3 letter top-level domain, such as .com, .net, or .org.

cors.urlMapping

Default Value: *
Valid Values: Any string that contains a URL mapping parameter that follows the Servlet 3.0 mapping specification (chapter 12.2 Specification of Mappings), as documented at http://download.oracle.com/otn-pub/jcp/servlet-3.0-fr-eval-oth-JSpec/servlet-3_0-final-spec.pdf.
Changes Take Effect: After server restart


Defines a filter mapping with the given URL patterns and dispatcher types for the CORS Filter.

jsonp.whiteList

Default Value: ^_gt\.setCategory$, ^_gt\.setDSL$ , ^jQuery\d*_\d*$
Valid Values: A comma-delimited list of regular expressions, each of which specifies the name of one of the allowed callback functions. These names normally have a format of obj.callback.
Changes Take Effect: After server restart
Introduced: 8.5.000.42

Defines a white list of regular expressions that specify the object and callback names allowed for JSONP requests.

staticResourcesCacheControl

Default Value: public, max-age=1800
Valid Values: See below
Changes Take Effect: After server restart


Define configuration of cache-control header for static web resources.

Valid Values: Any values that follow the cache-control header specification, such as:

  • Deny request caching: private, no-cache, no-store, max-age=0
  • Allow request caching for 1800 seconds: public, max-age=1800

For more information, refer to: http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html and http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html.

staticResourcesCacheControlPattern

Default Value: ^(http)://.*$
Valid Values: ^(http)://.*$
Changes Take Effect: After restart


This regular expression defines the URL pattern of static resources that will be affected by the behavior prescribed by the staticResourcesCacheControl option.

The default pattern (^(http)://.*$) indicates "all static resources accessed through the http schema.”

The wildcard (.*) indicates “all static resources.”

This page was last edited on March 22, 2018, at 01:10.
Comments or questions about this documentation? Contact us for support!