Page History
...
If CORS is enabled and no other extra configuration added, then by default all origins, headers and method types are allowed. In order to restrict the CORS access refer to the next paragraphs.
| Warning |
|---|
If Cross-Origin Resource Sharing is enabled, and a cross origin request was made, the cookies, authorisation headers and/or TLS client certificates are exposed to the web application as well. |
Configure allowed origins
...
| Code Block |
|---|
blueriq.security.cors.allowed-methods=GET, POST, PUT |
Credentials requests
...
Overview
Content Tools