Create CORS Headers
Creates CORS Headers for website acceleration. This operation is a full replacement: all existing CORS headers configured for the service will be removed and replaced by the provided values.
Request
Request-Line
POST /cdn/v1.0/services/{serviceId}/corsHeaders HTTP/1.1
Request Parameters
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| serviceId | Integer | Mandatory | Service ID. |
Body Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| accessControlAllowOrigin | String | Optional | Response can be shared with requesting code from the given origin. Please note that null value is not allowed, it must be either '*' or 'scheme://fqdn'. |
| accessControlExposeHeaders | String | Optional | Headers can be exposed as part of the response by listing their names. This header accepts any string value. E.g. "Content-Length". |
| accessControlMaxAge | Integer | Optional | Maximum time in seconds that a CORS preflight response can be cached. Accepts non-negative integers or -1 (0 = no cache, -1 = cache indefinitely). |
| accessControlAllowCredentials | Boolean | Optional | Indicates whether the response can be exposed to frontend JavaScript. Must be true. |
| accessControlAllowMethods | String | Optional | Accepts a single method or a comma-separated list from: GET, POST, PUT, DELETE, HEAD, OPTIONS, CONNECT, TRACE. |
| accessControlAllowHeaders | String | Optional | HTTP headers can be used during the actual request. This header accepts any string value. E.g. "X-Customer-Token". |
Response
Status Codes, Error Codes and Error Messages
| Status Code | Error Code | Error Message |
|---|---|---|
| 400 | Request.BadRequest | Bad request. |
| 400 | InvalidCustomer.IdEmpty | Customer id can be empty or invalid. |
| 400 | InvalidService.IdIncorrect | Service id is empty or invalid. |
| 400 | ServiceId.IdPermission | ServiceId can not be found or unknown. |
| 400 | InvalidOrigin.UrlFormat | The origin must be in 'scheme://fqdn' format. |
| 400 | InvalidPolicy.CorsHeaderForMethod | Invalid method ,HTTP method must be one of :GET, POST. PUT. DELETE, HEAD, OPTIONS, CONNECT, TRACE, PATCH. |
| 400 | InvalidPolicy.CorsHeaderForCredentials | The value must be is ture. |
| 400 | InvalidPolicy.CorsHeaderForHeader | The Access Control Allow Header cannot be empty. |
| 400 | InvalidPolicy.CorsHeaderForMaxAge | The max age must be greater than 0. |
| 400 | InvalidPolicy.CorsHeaderForExposeHeader | The Access Control Expose Header cannot be empty. |
Examples
Create CORS Headers
Request
POST /cdn/v1.0/services/228654/corsHeaders HTTP/1.1
{
"accessControlAllowOrigin": "https://www.example.com",
"accessControlExposeHeaders": "Content-Length, X-Request-Id",
"accessControlMaxAge": 3600,
"accessControlAllowCredentials": true,
"accessControlAllowMethods": "GET,POST,OPTIONS",
"accessControlAllowHeaders": "Content-Type, Authorization"
}
Successful Response Body
HTTP/1.1 200