CorsRule Class
CORS is an HTTP feature that enables a web application running under one domain to access resources in another domain. Web browsers implement a security restriction known as same-origin policy that prevents a web page from calling APIs in a different domain; CORS provides a secure way to allow one domain (the origin domain) to call APIs in another domain.
For more information, see https://msdn.microsoft.com/en-us/library/azure/dn535601.aspx
- Inheritance
-
builtins.objectCorsRule
Constructor
CorsRule(allowed_origins, allowed_methods, max_age_in_seconds=0, exposed_headers=None, allowed_headers=None)Parameters
| Name | Description |
|---|---|
|
allowed_origins
Required
|
A list of origin domains that will be allowed via CORS, or "*" to allow all domains. The list of must contain at least one entry. Limited to 64 origin domains. Each allowed origin can have up to 256 characters. |
|
allowed_methods
Required
|
A list of HTTP methods that are allowed to be executed by the origin. The list of must contain at least one entry. For Azure Storage, permitted methods are DELETE, GET, HEAD, MERGE, POST, OPTIONS or PUT. |
|
max_age_in_seconds
|
The number of seconds that the client/browser should cache a preflight response. Default value: 0
|
|
exposed_headers
|
Defaults to an empty list. A list of response headers to expose to CORS clients. Limited to 64 defined headers and two prefixed headers. Each header can be up to 256 characters. Default value: None
|
|
allowed_headers
|
Defaults to an empty list. A list of headers allowed to be part of the cross-origin request. Limited to 64 defined headers and 2 prefixed headers. Each header can be up to 256 characters. Default value: None
|
Azure SDK for Python