root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

polish 

Improve documentation of cors settings.

See gh-2936
This commit is contained in:
Stephane Nicoll 2015-05-15 08:45:15 +02:00
parent b45a2bcfc0
commit d63d2dded8
2 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/MvcEndpointCorsProperties.java
View File

@ -33,27 +33,30 @@ import org.springframework.web.cors.CorsConfiguration;
public class MvcEndpointCorsProperties {
/**
* List of origins to allow.
* Comma-separated list of origins to allow. '*' allows all origins. When
* not set, CORS support is disabled.
*/
private List<String> allowedOrigins = new ArrayList<String>();
/**
* List of methods to allow.
* Comma-separated list of methods to allow. '*' allows all methods. When
* not set, defaults to GET.
*/
private List<String> allowedMethods = new ArrayList<String>();
/**
* List of headers to allow in a request
* Comma-separated list of headers to allow in a request. '*' allows all
* headers.
*/
private List<String> allowedHeaders = new ArrayList<String>();
/**
* List of headers to include in a response.
* Comma-separated list of headers to include in a response.
*/
private List<String> exposedHeaders = new ArrayList<String>();
/**
* Whether credentials are supported
* Set whether credentials are supported. When not set, credentials are not supported.
*/
private Boolean allowCredentials;

2
spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc
View File

@ -552,7 +552,7 @@ content into your application; rather pick only the properties that you need.
endpoints.trace.enabled=true
# ENDPOINTS CORS CONFIGURATION ({sc-spring-boot-actuator}/autoconfigure/MvcEndpointCorsProperties.{sc-ext}[MvcEndpointCorsProperties])
endpoints.cors.allow-credentials= # whether user credentials are support. When not set, credentials are not supported.
endpoints.cors.allow-credentials= # set whether user credentials are support. When not set, credentials are not supported.
endpoints.cors.allowed-origins= # comma-separated list of origins to allow. * allows all origins. When not set, CORS support is disabled.
endpoints.cors.allowed-methods= # comma-separated list of methods to allow. * allows all methods. When not set, defaults to GET.
endpoints.cors.allowed-headers= # comma-separated list of headers to allow in a request. * allows all headers.