Skip to content

Commit

Permalink
polish
Browse files Browse the repository at this point in the history
Improve documentation of cors settings.

See spring-projectsgh-2936
  • Loading branch information
snicoll committed May 15, 2015
1 parent b45a2bc commit d63d2dd
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 6 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -33,27 +33,30 @@
public class MvcEndpointCorsProperties {

/**
* List of origins to allow.
* Comma-separated list of origins to allow. '*' allows all origins. When
* not set, CORS support is disabled.
*/
private List<String> allowedOrigins = new ArrayList<String>();

/**
* List of methods to allow.
* Comma-separated list of methods to allow. '*' allows all methods. When
* not set, defaults to GET.
*/
private List<String> allowedMethods = new ArrayList<String>();

/**
* List of headers to allow in a request
* Comma-separated list of headers to allow in a request. '*' allows all
* headers.
*/
private List<String> allowedHeaders = new ArrayList<String>();

/**
* List of headers to include in a response.
* Comma-separated list of headers to include in a response.
*/
private List<String> exposedHeaders = new ArrayList<String>();

/**
* Whether credentials are supported
* Set whether credentials are supported. When not set, credentials are not supported.
*/
private Boolean allowCredentials;

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -552,7 +552,7 @@ content into your application; rather pick only the properties that you need.
endpoints.trace.enabled=true
# ENDPOINTS CORS CONFIGURATION ({sc-spring-boot-actuator}/autoconfigure/MvcEndpointCorsProperties.{sc-ext}[MvcEndpointCorsProperties])
endpoints.cors.allow-credentials= # whether user credentials are support. When not set, credentials are not supported.
endpoints.cors.allow-credentials= # set whether user credentials are support. When not set, credentials are not supported.
endpoints.cors.allowed-origins= # comma-separated list of origins to allow. * allows all origins. When not set, CORS support is disabled.
endpoints.cors.allowed-methods= # comma-separated list of methods to allow. * allows all methods. When not set, defaults to GET.
endpoints.cors.allowed-headers= # comma-separated list of headers to allow in a request. * allows all headers.
Expand Down

0 comments on commit d63d2dd

Please sign in to comment.