46.3 CORS support
Cross-origin resource sharing (CORS) is a W3C specification that allows you to specify in a flexible way what kind of cross domain requests are authorized. Actuator’s MVC endpoints can be configured to support such scenarios.
CORS support is disabled by default and is only enabled once the endpoints.cors.allowed-origins
property has been set. The configuration below permits GET
and POST
calls from the example.com
domain:
endpoints.cors.allowed-origins=http://example.com endpoints.cors.allowed-methods=GET,POST
Tip | |
---|---|
Check EndpointCorsProperties for a complete list of options. |