Plug-in configurations
You can configure CORS plug-ins in the JSON or YAML format as these two formats use the same schema. You can use the yaml to json
tool to convert the configuration format of a CORS plug-in. The following table describes a plug-in configuration template in the YAML format.
---
allowOrigins: api.foo.com,api2.foo.com # The allowed origins. Separate multiple origins by commas (,). Default value: *.
AllowMethods: GET, POST, PUT#The allowed HTTP methods. Separate multiple methods by commas (,).
allowHeaders: X-Ca-RequestId # The allowed request headers. Separate multiple request headers by commas (,).
exposeHeaders: X-RC1,X-RC2 # The headers that can be exposed to XMLHttpRequest objects. Separate multiple headers by commas (,).
allowCredentials: true # Constrols whether cookies are allowed.
maxAge: 172800