mod_cors support Cross-Origin Resource Sharing
conf/mod_cors/mod_cors.conf
Config Item | Description |
---|---|
Basic.DataPath | String Path of rule configuration |
Log.OpenDebug | Boolean Debug flag of module |
[Basic]
DataPath = mod_cors/cors_rule.data
[Log]
OpenDebug = false
conf/mod_cors/cors_rule.data
Config Item | Description |
---|---|
Version | String Version of the config file |
Config | Object Trace rules for each product |
Config[k] | String Product name |
Config[v] | Object A list of cors rules |
Config[v][] | Object A cors rule |
Config[v][].Cond | String Condition expression, See Condition |
Config[v][].AccessControlAllowOrigins | List Indicates whether the response can be shared with requesting code from the given origin; for requests without credentials, the "*" wildcard, to tell browsers to allow any origin to access the resource. "%origin" specifies the origin from the request header "Origin" |
Config[v][].AccessControlAllowCredentials | Boolean Indicates whether or not the response to the request can be exposed. |
Config[v][].AccessControlExposeHeaders | Boolean Specifies the response headers that browsers are allowed to access. |
Config[v][].AccessControlAllowMethods | List Specifies the method or methods allowed when accessing the resource. This is used in response to a preflight request. |
Config[v][].AccessControlAllowHeaders | List Indicates which HTTP headers can be used when making the actual request. This is used in response to a preflight request. |
Config[v][].AccessControlMaxAge | Int Indicates how long the results of a preflight request can be cached. This is used in response to a preflight request. |
{
"Version": "cors_rule.data.version",
"Config": {
"example_product": [
{
"Cond": "req_host_in(\"example.org\")",
"AccessControlAllowOrigins": ["%origin"],
"AccessControlAllowCredentials": true,
"AccessControlExposeHeaders": ["X-Custom-Header"],
"AccessControlAllowMethods": ["HEAD","GET","POST","PUT","DELETE","OPTIONS","PATCH"],
"AccessControlAllowHeaders": ["X-Custom-Header"],
"AccessControlMaxAge": -1
}
]
}
}