Adding doc for bug 3297.
This commit is contained in:
parent
cf85fc18e8
commit
5f090598ea
1 changed files with 7 additions and 0 deletions
|
@ -17,6 +17,7 @@ This is what one might look like:
|
|||
"enable-cors" : true,
|
||||
"cors-max-age" : 1000,
|
||||
"cors-allowed-methods" : "POST, PUT, DELETE, GET",
|
||||
"cors-exposed-headers" : "WWW-Authenticate, My-custom-exposed-Header",
|
||||
"bearer-only" : false,
|
||||
"enable-basic-auth" : false,
|
||||
"expose-token" : true,
|
||||
|
@ -103,6 +104,12 @@ cors-allowed-headers::
|
|||
This is _OPTIONAL_.
|
||||
If not set, this header is not returned in CORS responses.
|
||||
|
||||
cors-exposed-headers::
|
||||
If CORS is enabled, this sets the value of the `Access-Control-Expose-Headers` header.
|
||||
This should be a comma-separated string.
|
||||
This is _OPTIONAL_.
|
||||
If not set, this header is not returned in CORS responses.
|
||||
|
||||
bearer-only::
|
||||
This should be set to _true_ for services. If enabled the adapter will not attempt to authenticate users, but only verify bearer tokens.
|
||||
This is _OPTIONAL_.
|
||||
|
|
Loading…
Reference in a new issue