In this case the middleware will pass the request through as normal, but will include appropriate CORS headers on the response. Simple requests ¶Īny request with an Origin header. In this case the middleware will intercept the incoming request and respond with appropriate CORS headers, and either a 200 or 400 response for informational purposes. These are any OPTIONS request with Origin and Access-Control-Request-Method headers. The middleware responds to two particular types of HTTP request. max_age - Sets a maximum time in seconds for browsers to cache CORS responses.expose_headers - Indicate any response headers that should be made accessible to the browser.Also, allow_origins cannot be set to for credentials to be allowed, origins must be specified. allow_credentials - Indicate that cookies should be supported for cross-origin requests.The Accept, Accept-Language, Content-Language and Content-Type headers are always allowed for simple CORS requests. allow_headers - A list of HTTP request headers that should be supported for cross-origin requests.You can use to allow all standard methods. allow_methods - A list of HTTP methods that should be allowed for cross-origin requests.allow_origin_regex - A regex string to match against origins that should be permitted to make cross-origin requests.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |