• Public
  • Public/Protected
  • All

Interface CorsRule

Package version

CORS is an HTTP feature that enables a web application running under one domain to access resources in another domain. Web browsers implement a security restriction known as same-origin policy that prevents a web page from calling APIs in a different domain; CORS provides a secure way to allow one domain (the origin domain) to call APIs in another domain


  • CorsRule




allowedHeaders: string

the request headers that the origin domain may specify on the CORS request.


allowedMethods: string

The methods (HTTP request verbs) that the origin domain may use for a CORS request. (comma separated)


allowedOrigins: string

The origin domains that are permitted to make a request against the storage service via CORS. The origin domain is the domain from which the request originates. Note that the origin must be an exact case-sensitive match with the origin that the user age sends to the service. You can also use the wildcard character '*' to allow all origin domains to make requests via CORS.


exposedHeaders: string

The response headers that may be sent in the response to the CORS request and exposed by the browser to the request issuer


maxAgeInSeconds: number

The maximum amount time that a browser should cache the preflight OPTIONS request.

Generated using TypeDoc