- Companion:
- object
Value members
Concrete methods
Allows CORS requests with any headers.
Allows CORS requests with any headers.
Sets the Access-Control-Allow-Headers response header to *
Allows CORS requests using any method.
Allows CORS requests using any method.
Sets the Access-Control-Allow-Methods response header to *
Allows CORS requests from any origin.
Allows CORS requests from any origin.
Sets the Access-Control-Allow-Origin response header to *.
Allows credentialed requests by setting the Access-Control-Allow-Credentials response header to true
Allows credentialed requests by setting the Access-Control-Allow-Credentials response header to true
Allows CORS requests using specific headers.
Allows CORS requests using specific headers.
If the preflight request's Access-Control-Request-Headers header requests one of the specified headers, the
Access-Control-Allow-Headers response header is set to a comma-separated list of the given headers. Otherwise the
Access-Control-Allow-Headers response header is suppressed.
Allows CORS requests using specific methods.
Allows CORS requests using specific methods.
If the preflight request's Access-Control-Request-Method header requests one of the specified methods, the
Access-Control-Allow-Methods response header is set to a comma-separated list of the given methods. Otherwise the
Access-Control-Allow-Methods response header is suppressed.
Allows CORS requests only from a specific origin.
Allows CORS requests only from a specific origin.
If the request Origin matches the given origin, sets the Access-Control-Allow-Origin response header to the given origin.
Otherwise the Access-Control-Allow-Origin response header is suppressed..
Determines how long the response to a preflight request can be cached by the client.
Determines how long the response to a preflight request can be cached by the client.
Suppresses the Access-Control-Max-Age response header, which makes the client use its default value.
Sets the response status code of successful preflight requests to "204 No Content"
Sets the response status code of successful preflight requests to "204 No Content"
Blocks credentialed requests by suppressing the Access-Control-Allow-Credentials response header
Blocks credentialed requests by suppressing the Access-Control-Allow-Credentials response header
Exposes all response headers to JavaScript in browsers
Exposes all response headers to JavaScript in browsers
Sets the Access-Control-Expose-Headers response header to *
Exposes specific response headers to JavaScript in browsers
Exposes specific response headers to JavaScript in browsers
Sets the Access-Control-Expose-Headers response header to a comma-separated list of the given headerNames
Exposes no response headers to JavaScript in browsers
Exposes no response headers to JavaScript in browsers
Suppresses the Access-Control-Expose-Headers response header
Determines how long the response to a preflight request can be cached by the client.
Determines how long the response to a preflight request can be cached by the client.
Sets the Access-Control-Max-Age response header to the given duration in seconds.
Sets the response status code of successful preflight requests to the given statusCode
Sets the response status code of successful preflight requests to the given statusCode
Allows CORS requests using any headers requested in preflight request's Access-Control-Request-Headers header.
Allows CORS requests using any headers requested in preflight request's Access-Control-Request-Headers header.
Use reflectHeaders instead of allowAllHeaders when credentialed requests are enabled with allowCredentials, since wildcards are illegal when credentials are enabled