Cross-Origin Resource Sharing (CORS) allows Web servers to perform cross-domain access, enabling browsers to more securely transfer data across domains.
When the user needs to send REST requests across the origin webserver, the CORS mechanism may be used. The microservices that receive cross-domain requests need to enable CORS support.
The CORS function is configured in the microservice.yaml file. The configuration items are described in the following table.
Configuration Item | Default Value | Range of Value | Required | Meaning |
---|---|---|---|---|
servicecomb.cors.enabled | false | true /false | No | Whether to enable CORS function |
servicecomb.cors.origin | * | - | No | Access-Control-Allow-Origin |
servicecomb.cors.allowCredentials | false | true /false | No | Access-Control-Allow-Credentials |
servicecomb.cors.allowedHeader | None | - | No | Access-Control-Allow-Headers |
servicecomb.cors.allowedMethod | None | - | No | Access-Control-Allow-Methods |
servicecomb.cors.exposedHeader | None | - | No | Access-Control-Expose-Headers |
servicecomb.cors.maxAge | None | (0,2147483647], Integer | No | Access-Control-Max-Age |
servicecomb: cors: enabled: true origin: "*" allowCredentials: false allowedMethod: PUT,DELETE maxAge: 3600