CorsRule interface

Reference

Package:: @azure/storage-blob

CORS is an HTTP feature that enables a web application running under one domain to access resources in another domain. Web browsers implement a security restriction known as same-origin policy that prevents a web page from calling APIs in a different domain; CORS provides a secure way to allow one domain (the origin domain) to call APIs in another domain

Properties

allowedHeaders	the request headers that the origin domain may specify on the CORS request.
allowedMethods	The methods (HTTP request verbs) that the origin domain may use for a CORS request. (comma separated)
allowedOrigins	The origin domains that are permitted to make a request against the storage service via CORS. The origin domain is the domain from which the request originates. Note that the origin must be an exact case-sensitive match with the origin that the user age sends to the service. You can also use the wildcard character '*' to allow all origin domains to make requests via CORS.
exposedHeaders	The response headers that may be sent in the response to the CORS request and exposed by the browser to the request issuer
maxAgeInSeconds	The maximum amount time that a browser should cache the preflight OPTIONS request.

Property Details

allowedHeaders

the request headers that the origin domain may specify on the CORS request.

allowedHeaders: string

Property Value

string

allowedMethods

The methods (HTTP request verbs) that the origin domain may use for a CORS request. (comma separated)

allowedMethods: string

Property Value

string

allowedOrigins

The origin domains that are permitted to make a request against the storage service via CORS. The origin domain is the domain from which the request originates. Note that the origin must be an exact case-sensitive match with the origin that the user age sends to the service. You can also use the wildcard character '*' to allow all origin domains to make requests via CORS.

allowedOrigins: string

Property Value

string

exposedHeaders

The response headers that may be sent in the response to the CORS request and exposed by the browser to the request issuer

exposedHeaders: string

Property Value

string

maxAgeInSeconds

The maximum amount time that a browser should cache the preflight OPTIONS request.

maxAgeInSeconds: number

Property Value

number

Share via

CorsRule interface

Properties

Property Details

allowedHeaders

Property Value

allowedMethods

Property Value

allowedOrigins

Property Value

exposedHeaders

Property Value

maxAgeInSeconds

Property Value

Additional resources