| AllowedOrigins |
string |
Comma-separated list of origin domains that are allowed via CORS. |
| AllowedMethods |
string |
Comma-separated list of HTTP methods that are allowed. Options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT. |
| AllowedHeaders |
string |
Comma-separated list of headers allowed to be part of the cross-origin request. |
| ExposedHeaders |
string |
Comma-separated list of response headers to expose to CORS clients. |
| MaxAgeInSeconds |
integer |
The maximum amount of time in seconds that a browser should cache the preflight OPTIONS request. |