Module io.helidon.microprofile.cors

Package io.helidon.microprofile.cors

Annotation Type CrossOrigin

@Target(METHOD)
@Retention(RUNTIME)
@Documented
public @interface CrossOrigin

CrossOrigin annotation.

Optional Element Summary

Optional Elements

Modifier and Type	Optional Element	Description
boolean	allowCredentials	Whether the client can send cookies or credentials.
String[]	allowHeaders	A list of request headers that are allowed or "*" to allow all headers.
String[]	allowMethods	A list of supported HTTP request methods.
String[]	exposeHeaders	A list of response headers allowed for clients other than the "standard" ones.
long	maxAge	Pre-flight response duration in seconds.
String[]	value	A list of origins that are allowed such as "http://foo.com" or "*" to allow all origins.

Element Detail

value

String[] value

A list of origins that are allowed such as "http://foo.com" or "*" to allow all origins. Corresponds to header Access-Control-Allow-Origin.

Returns:

Allowed origins.

Default:

{"*"}

allowHeaders

String[] allowHeaders

A list of request headers that are allowed or "*" to allow all headers. Corresponds to Access-Control-Allow-Headers.

Returns:

Allowed headers.

Default:

{"*"}

exposeHeaders

String[] exposeHeaders

A list of response headers allowed for clients other than the "standard" ones. Corresponds to Access-Control-Expose-Headers.

Returns:

Exposed headers.

Default:

{}

allowMethods

String[] allowMethods

A list of supported HTTP request methods. In response to pre-flight requests. Corresponds to Access-Control-Allow-Methods.

Returns:

Allowed methods.

Default:

{"*"}

allowCredentials

boolean allowCredentials

Whether the client can send cookies or credentials. Corresponds to Access-Control-Allow-Credentials.

Returns:

Allowed credentials.

Default:

false

maxAge

long maxAge

Pre-flight response duration in seconds. After time expires, a new pre-flight request is required. Corresponds to Access-Control-Max-Age.

Returns:

Max age.

Default:

3600L