Proto: cors_policy.proto

Package: security.policy.gloo.solo.io

Types:

CORSPolicyReport

FieldDescription
workspaces(repeated CORSPolicyReport.WorkspacesEntry)

selectedRoutes(repeated common.gloo.solo.io.RouteReference)

A list of references to all routes selected by the policy.

CORSPolicyReport.WorkspacesEntry

FieldDescription
key(string)

value(common.gloo.solo.io.Report)

CORSPolicySpec

CORSPolicy is used to set a Cross-Origin Resource Sharing policy (CORS) for requests matching selected routes. Refer to [this link](https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS for further details about cross origin resource sharing. CORSPolicies are applied at the Route level.

FieldDescription
applyToRoutes(repeated common.gloo.solo.io.RouteSelector)

Select the routes where the policy will be applied. If left empty, will apply to all routes in the workspace.
config(CORSPolicySpec.Config)

The details of the CORS policy to apply to the selected routes.

CORSPolicySpec.Config

FieldDescription
allowOrigins(repeated common.gloo.solo.io.StringMatch)

String patterns that match allowed origins. An origin is allowed if any of the string matchers match.
allowMethods(repeated string)

List of HTTP methods allowed to access the resource. The content will be serialized to the Access-Control-Allow-Methods header.
allowHeaders(repeated string)

List of HTTP headers that can be used when requesting the resource. Serialized to the Access-Control-Allow-Headers header.
exposeHeaders(repeated string)

A list of HTTP headers that browsers are allowed to access. Serialized to the Access-Control-Expose-Headers header.
maxAge(google.protobuf.Duration)

Specify how long the results of a preflight request can be cached. Serialized to the Access-Control-Max-Age header. For information about the value format, see the Google protocol buffer documentation.
allowCredentials(google.protobuf.BoolValue)

Indicates whether the caller is allowed to send the actual request (not the preflight) using credentials. Translates to the Access-Control-Allow-Credentials header.

CORSPolicyStatus

Reflects the status of the CORSPolicy.

FieldDescription
common(common.gloo.solo.io.Status)

numSelectedRoutes(uint32)

The number of routes selected by the policy.