|Modifier and Type||Method and Description|
Whether the browser should include any cookies associated with the domain of the request being annotated.
List of request headers that can be used during the actual request.
List of response headers that the user-agent will allow the client to access.
The maximum age (in seconds) of the cache duration for pre-flight responses.
List of supported HTTP request methods, e.g.
List of allowed origins, e.g.
public HttpInboundEndpointSupportSpec.CrossOriginSpec origin(String... origin)
These values are placed in the
header of both the pre-flight response and the actual response.
"*" means that all origins are allowed.
If undefined, all origins are allowed.
origin- the list of allowed origins.
public HttpInboundEndpointSupportSpec.CrossOriginSpec allowedHeaders(String... allowedHeaders)
This property controls the value of the pre-flight response's
"*" means that all headers requested by the client are allowed.
allowedHeaders- the list of request headers.
public HttpInboundEndpointSupportSpec.CrossOriginSpec exposedHeaders(String... exposedHeaders)
This property controls the value of actual response's
exposedHeaders- the list of response headers.
public HttpInboundEndpointSupportSpec.CrossOriginSpec method(RequestMethod... method)
Methods specified here override those specified via
method- the list of supported HTTP request methods
public HttpInboundEndpointSupportSpec.CrossOriginSpec allowCredentials(Boolean allowCredentials)
"false" if such cookies should not included.
booleanflag to include
Access-Control-Allow-Credentials=truein pre-flight response or not
public HttpInboundEndpointSupportSpec.CrossOriginSpec maxAge(long maxAge)
This property controls the value of the
header in the pre-flight response.
maxAge- the maximum age (in seconds) of the cache duration for pre-flight responses.