String patterns that match allowed origins. An origin is allowed if any of the string matchers match.
List of HTTP methods allowed to access the resource. The content will be serialized to the Access-Control-Allow-Methods header.
List of HTTP headers that can be used when requesting the resource. Serialized to the Access-Control-Allow-Headers header.
A list of HTTP headers that browsers are allowed to access. Serialized to the Access-Control-Expose-Headers header.
Specify how long the results of a preflight request can be cached. Serialized to the Access-Control-Max-Age header. For information about the value format, see the Google protocol buffer documentation.
Indicates whether the caller is allowed to send the actual request (not the preflight) using credentials. Translates to the Access-Control-Allow-Credentials header.