Cors

Resource URI

/services/{serviceId}/endpoints/{endpointId}/cors

Items in curly braces represent variables.

Description

Resource for Cross-origin resource sharing (CORS) related properties.

Resource Schema

Property Characteristics
allDomainsEnabled Type boolean
Sub-type
Create Rule Optional
Update Rule Optional
Fetch Rule Implicit
Description Specify if pre-flight requests made from any domain are passed throught the Traffic Manager. Disabling this field means that only pre-flight requests from specified domains will be passed through the Traffic Manager.
maxAge Type integer
Sub-type
Create Rule Optional
Update Rule Optional
Fetch Rule Implicit
Description Specify the maximum time in minutes for which the pre-flight request results can be cached. This property indicates how long the results of a preflight request can be cached.
cookiesAllowed Type boolean
Sub-type
Create Rule Optional
Update Rule Optional
Fetch Rule Implicit
Description If it is true 'Access-Control-Allow-Credentials' is set to true on the response, which controls whether 'Credentialed requests' or cookies are allowed.
domainsAllowed Type array
Sub-type
Create Rule Optional
Update Rule Optional
Fetch Rule Implicit
Description A comma separated list of origins. These will be used to validate and determine what can be added to Access-Control-Allow-Origin to retain backward compatibility. Empty will allow any incoming origin.
headersAllowed Type array
Sub-type
Create Rule Optional
Update Rule Optional
Fetch Rule Implicit
Description A comma separated list of headers. These will be used to validate and determine what can be added to Access-Control-Allow-Header to retain backward compatibility. Empty will allow any incoming header.
headersExposed Type array
Sub-type
Create Rule Optional
Update Rule Optional
Fetch Rule Implicit
Description A comma separated list of headers. These will be added to Access-Control-Expose-Headers on the response.
subDomainMatchingAllowed Type boolean
Sub-type
Create Rule Optional
Update Rule Optional
Fetch Rule Implicit
Description If it is false, exact matching will be done on the origin header on incoming requests, against allowed origins specified.

fetch [GET]

Retrieves the identified Cors for the Service Definition.

Parameters

Parameter Required Type Description
serviceId true string Service identifier.
endpointId true string Endpoint identifier.
fields false string Comma-separated list of property paths to include in response. Each property path is a dot-separated list of object property names. fields=<property\[.property...\]>\[,...\]\[&fields=...\]
filter false string Colon-separated name/value pair specifying the name of property whose value must contain the given value (as a substring). Results may also be filtered by nested collections' properties by specifying a dot-separated property path. filter=<property\[.property...\]>:<value>\[&filter=...\]
sort false string Comma-separated list of properties to sort by. Only root-level properties are supported. Each property name may be optionally followed by :asc or :desc to specify sort direction (defaults to asc). sort=<property\[:(asc\|desc)\]>\[,...\]\[&sort=...\]
limit false int Number of objects to return in the result. Defaults to 100.
offset false int 0-based index of first object in the list to return. Defaults to 0.
indent false boolean When set to true, responses are indented for better readability.

Returns

Success

Cors for the Service If fields request parameter is not included, only those fields with "Fetch Rule" equal to "Implicit" will be returned. Otherwise, the fields contained in the URL parameter will be included in the response.

Failure

Array of validation responses

Examples

Request

curl -k 'https://api.mashery.com/v3/rest/services/0fcc39d1c7ee470780e6cbe6/endpoints/0dd96770b82f4f248c4711d9/cors' -H "Authorization: Bearer <insert your token here>" -H "Content-Type:application/json" 

Response

[
    {
        "maxAge": 51,
        "allDomainsEnabled": true
    }
]

Request

curl -k 'https://api.mashery.com/v3/rest/services/0fcc39d1c7ee470780e6cbe6/endpoints/0dd96770b82f4f248c4711d9/cors' -H "Authorization: Bearer <insert your token here>" -H "Content-Type:application/json" 

Response

[
    {
        "maxAge": 34,
        "allDomainsEnabled": true
    }
]

create [POST]

Assigns Cors to a Service Definition.

Parameters

Parameter Required Type Description
serviceId true string Service identifier.
endpointId true string Endpoint identifier.
cors true object Cors object

Returns

Success

Cors for the Service If fields request parameter is not included, only those fields with "Fetch Rule" equal to "Implicit" will be returned. Otherwise, the fields contained in the URL parameter will be included in the response.

Failure

Array of validation responses

Examples

Request

curl -k 'https://api.mashery.com/v3/rest/services/0fcc39d1c7ee470780e6cbe6/endpoints/0dd96770b82f4f248c4711d9/cors' -H "Authorization: Bearer <insert your token here>" -H "Content-Type:application/json" --request POST --data '{"maxAge":15,"allDomainsEnabled":false}

Response

[
    {
        "maxAge": 8,
        "allDomainsEnabled": true
    }
]

Request

curl -k 'https://api.mashery.com/v3/rest/services/0fcc39d1c7ee470780e6cbe6/endpoints/0dd96770b82f4f248c4711d9/cors' -H "Authorization: Bearer <insert your token here>" -H "Content-Type:application/json" --request POST --data '{"maxAge":88,"allDomainsEnabled":false}

Response

[
    {
        "maxAge": 23,
        "allDomainsEnabled": false
    }
]

update [PUT]

Updates the Cors assigned to the identified Service Definition.

Parameters

Parameter Required Type Description
serviceId true string Service identifier.
endpointId true string Endpoint identifier.
cors true object Cors object

Returns

Success

Cors for the Service If fields request parameter is not included, only those fields with "Fetch Rule" equal to "Implicit" will be returned. Otherwise, the fields contained in the URL parameter will be included in the response.

Failure

Array of validation responses

Examples

Request

curl -k 'https://api.mashery.com/v3/rest/services/0fcc39d1c7ee470780e6cbe6/endpoints/0dd96770b82f4f248c4711d9/cors' -H "Authorization: Bearer <insert your token here>" -H "Content-Type:application/json" --request PUT --data '{"maxAge":81,"allDomainsEnabled":false}

Response

[
    {
        "maxAge": 57,
        "allDomainsEnabled": true
    }
]

Request

curl -k 'https://api.mashery.com/v3/rest/services/0fcc39d1c7ee470780e6cbe6/endpoints/0dd96770b82f4f248c4711d9/cors' -H "Authorization: Bearer <insert your token here>" -H "Content-Type:application/json" --request PUT --data '{"maxAge":4,"allDomainsEnabled":true}

Response

[
    {
        "maxAge": 37,
        "allDomainsEnabled": true
    }
]

delete [DELETE]

Deletes the Cors assigned to the identified Service Definition.

Parameters

Parameter Required Type Description
serviceId true string Service identifier.
endpointId true string Endpoint identifier.

Returns

Success

Empty response

Failure

Array of validation responses

Examples

Request

curl -k 'https://api.mashery.com/v3/rest/services/0fcc39d1c7ee470780e6cbe6/endpoints/0dd96770b82f4f248c4711d9/cors' -H "Authorization: Bearer <insert your token here>" -H "Content-Type:application/json" --request DELETE

Response

[
    ""
]

Request

curl -k 'https://api.mashery.com/v3/rest/services/0fcc39d1c7ee470780e6cbe6/endpoints/0dd96770b82f4f248c4711d9/cors' -H "Authorization: Bearer <insert your token here>" -H "Content-Type:application/json" --request DELETE

Response

[
    ""
]

Docs Navigation