x-apigateway-cors
Meaning: Specifies whether CORS is supported.
Scope of effect: Operation Object (2.0)/Operation Object (3.0)
Example:
paths:'/path':get:x-apigateway-cors: true
Parameter | Mandatory | Type | Description |
|---|---|---|---|
x-apigateway-cors | Yes | boolean | Whether to support CORS.
|
For the API request for enabling CORS, the headers listed in the following table will be added to the response.
Header | Value | Description |
|---|---|---|
Access-Control-Max-Age | 172800 | Maximum time the response of a preflight request can be cached. Unit: s |
Access-Control-Allow-Origin | * | Requests from any domain are allowed. |
Access-Control-Allow-Headers | X-Sdk-Date, X-Sdk-Nonce, X-Proxy-Signed-Headers, X-Sdk-Content-Sha256, X-Forwarded-For, Authorization, Content-Type, Accept, Accept-Ranges, Cache-Control, and Range | Headers that can be used by a formal request. |
Access-Control-Allow-Methods | GET, POST, PUT, DELETE, HEAD, OPTIONS, and PATCH | Methods that can be used by a formal request. |