Package io.quarkus.vertx.http.runtime.cors

Class CORSConfig

java.lang.Object

io.quarkus.vertx.http.runtime.cors.CORSConfig

public class CORSConfig
extends Object

Field Summary

Fields

Modifier and Type	Field	Description
Optional<Boolean>	accessControlAllowCredentials	The `Access-Control-Allow-Credentials` response header.
Optional<Duration>	accessControlMaxAge	The `Access-Control-Max-Age` response header value in Duration format.
Optional<List<String>>	exposedHeaders	The HTTP headers exposed in CORS responses.
Optional<List<String>>	headers	The HTTP headers allowed for CORS requests.
Optional<List<String>>	methods	The HTTP methods allowed for CORS requests.
Optional<List<String>>	origins	The origins allowed for CORS.

Constructor Summary

Constructors

Constructor	Description
CORSConfig()

Method Summary

Modifier and Type	Method	Description
String	toString()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Details

origins

@ConfigItem
@ConvertWith(io.quarkus.runtime.configuration.TrimmedStringConverter.class)
public Optional<List<String>> origins

The origins allowed for CORS. A comma-separated list of valid URLs, such as `http://www.quarkus.io,http://localhost:3000`. URLs enclosed in forward slashes are interpreted as regular expressions.

methods

@ConfigItem
@ConvertWith(io.quarkus.runtime.configuration.TrimmedStringConverter.class)
public Optional<List<String>> methods

The HTTP methods allowed for CORS requests. A comma-separated list of valid HTTP methods, such as `GET,PUT,POST`. If not set, the filter allows any HTTP method by default. Default: Any HTTP request method is allowed.

headers

@ConfigItem
@ConvertWith(io.quarkus.runtime.configuration.TrimmedStringConverter.class)
public Optional<List<String>> headers

The HTTP headers allowed for CORS requests. A comma-separated list of valid headers, such as `X-Custom,Content-Disposition`. If not set, the filter allows any header by default. Default: Any HTTP request header is allowed.

exposedHeaders

@ConfigItem
@ConvertWith(io.quarkus.runtime.configuration.TrimmedStringConverter.class)
public Optional<List<String>> exposedHeaders

The HTTP headers exposed in CORS responses. A comma-separated list of headers to expose, such as `X-Custom,Content-Disposition`. Default: No headers are exposed.

accessControlMaxAge

@ConfigItem
public Optional<Duration> accessControlMaxAge

The `Access-Control-Max-Age` response header value in Duration format. Informs the browser how long it can cache the results of a preflight request.

accessControlAllowCredentials

@ConfigItem
public Optional<Boolean> accessControlAllowCredentials

The `Access-Control-Allow-Credentials` response header. Tells browsers if front-end JavaScript can be allowed to access credentials when the request's credentials mode, `Request.credentials`, is set to `include`. Default: `true` if the `quarkus.http.cors.origins` property is set and matches the precise `Origin` header value.

Constructor Details

CORSConfig

public CORSConfig()

Method Details

toString

public String toString()

Overrides:

toString in class Object