10 CORS Properties
wcs_properties.json
file that configure the Cross-origin resource sharing (CORS) mechanism:10.1 About the Properties in the CORS Category
The properties that configure the Cross-origin resource sharing (CORS) mechanism for WebCenter Sites are categorized under the CORS category. These properties allow WebCenter Sites resources to be requested from domains outside of the WebCenter Sites domain.
When a request from a domain outside of WebCenter Sites is made for a WebCenter Sites resource, the browser "preflights" the request by soliciting supported domain methods from WebCenter Sites with an HTTP OPTIONS
request header. Upon approval from WebCenter Sites, CORS sends the request with the HTTP
request method. WebCenter Sites can also notify clients whether "credentials" (including Cookies and HTTP Authentication data) should be sent with requests.
The CORS properties enable you to restrict domains, methods, and so on. When you modify these properties using either the Property Management Tool or the Import/Export Utility does not require you to restart the server for the changes to take effect. For descriptions of the properties categorized under CORS in the wcs_properties.json
file, see Properties in the CORS Category.
10.2 Properties in the CORS Category
Table 10-1 provides a description for each of the properties in the JSON file that are associated with the CORS category.
Table 10-1 Cors Properties
Property | Description |
---|---|
Specifies whether user credentials (cookies) in cross origin requests. Default value: |
|
Comma-separated list of origins (in the format: Default value: |
|
Use this property to specify an integer that indicates the maximum amount of time the results of a preflight request can be cached by the client. |
|
Defines the cross domain request HTTP methods supported by WebCenter Sites. Default value: |