CorsPolicy(mapping=None, *, ignore_unknown_fields=False, **kwargs)
The specification for allowing client-side cross-origin requests. For more information about the W3C recommendation for cross-origin resource sharing (CORS), see Fetch API Living Standard.
Attributes |
|
---|---|
Name | Description |
allow_credentials |
bool
In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This field translates to the Access-Control-Allow-Credentials header. Default is false. This field is a member of oneof _ _allow_credentials .
|
allow_headers |
MutableSequence[str]
Specifies the content for the Access-Control-Allow-Headers header. |
allow_methods |
MutableSequence[str]
Specifies the content for the Access-Control-Allow-Methods header. |
allow_origin_regexes |
MutableSequence[str]
Specifies a regular expression that matches allowed origins. For more information, see regular expression syntax . An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. |
allow_origins |
MutableSequence[str]
Specifies the list of origins that is allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. |
disabled |
bool
If true, disables the CORS policy. The default value is false, which indicates that the CORS policy is in effect. This field is a member of oneof _ _disabled .
|
expose_headers |
MutableSequence[str]
Specifies the content for the Access-Control-Expose-Headers header. |
max_age |
int
Specifies how long results of a preflight request can be cached in seconds. This field translates to the Access-Control-Max-Age header. This field is a member of oneof _ _max_age .
|