From d63d2dded856023389f950dbada13598d0a1659e Mon Sep 17 00:00:00 2001 From: Stephane Nicoll Date: Fri, 15 May 2015 08:45:15 +0200 Subject: [PATCH] polish Improve documentation of cors settings. See gh-2936 --- .../autoconfigure/MvcEndpointCorsProperties.java | 13 ++++++++----- .../asciidoc/appendix-application-properties.adoc | 2 +- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/MvcEndpointCorsProperties.java b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/MvcEndpointCorsProperties.java index 4bf9be7a342..cd0cffce60f 100644 --- a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/MvcEndpointCorsProperties.java +++ b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/MvcEndpointCorsProperties.java @@ -33,27 +33,30 @@ import org.springframework.web.cors.CorsConfiguration; public class MvcEndpointCorsProperties { /** - * List of origins to allow. + * Comma-separated list of origins to allow. '*' allows all origins. When + * not set, CORS support is disabled. */ private List allowedOrigins = new ArrayList(); /** - * List of methods to allow. + * Comma-separated list of methods to allow. '*' allows all methods. When + * not set, defaults to GET. */ private List allowedMethods = new ArrayList(); /** - * List of headers to allow in a request + * Comma-separated list of headers to allow in a request. '*' allows all + * headers. */ private List allowedHeaders = new ArrayList(); /** - * List of headers to include in a response. + * Comma-separated list of headers to include in a response. */ private List exposedHeaders = new ArrayList(); /** - * Whether credentials are supported + * Set whether credentials are supported. When not set, credentials are not supported. */ private Boolean allowCredentials; diff --git a/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc b/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc index f50e2394981..e5fb04299a2 100644 --- a/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc +++ b/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc @@ -552,7 +552,7 @@ content into your application; rather pick only the properties that you need. endpoints.trace.enabled=true # ENDPOINTS CORS CONFIGURATION ({sc-spring-boot-actuator}/autoconfigure/MvcEndpointCorsProperties.{sc-ext}[MvcEndpointCorsProperties]) - endpoints.cors.allow-credentials= # whether user credentials are support. When not set, credentials are not supported. + endpoints.cors.allow-credentials= # set whether user credentials are support. When not set, credentials are not supported. endpoints.cors.allowed-origins= # comma-separated list of origins to allow. * allows all origins. When not set, CORS support is disabled. endpoints.cors.allowed-methods= # comma-separated list of methods to allow. * allows all methods. When not set, defaults to GET. endpoints.cors.allowed-headers= # comma-separated list of headers to allow in a request. * allows all headers.