Skip to content

/AWS1/CL_MDSCORSRULE

A rule for a CORS policy. You can add up to 100 rules to a CORS policy. If more than one rule applies, the service uses the first applicable rule listed.

CONSTRUCTOR

IMPORTING

Required arguments:

it_allowedorigins TYPE /AWS1/CL_MDSALLOWEDORIGINS_W=>TT_ALLOWEDORIGINS TT_ALLOWEDORIGINS

One or more response headers that you want users to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).

Each CORS rule must have at least one AllowedOrigins element. The string value can include only one wildcard character (), for example, http://.example.com. Additionally, you can specify only one wildcard character to allow cross-origin access for all origins.

it_allowedheaders TYPE /AWS1/CL_MDSALLOWEDHEADERS_W=>TT_ALLOWEDHEADERS TT_ALLOWEDHEADERS

Specifies which headers are allowed in a preflight OPTIONS request through the Access-Control-Request-Headers header. Each header name that is specified in Access-Control-Request-Headers must have a corresponding entry in the rule. Only the headers that were requested are sent back.

This element can contain only one wildcard character (*).

Optional arguments:

it_allowedmethods TYPE /AWS1/CL_MDSALLOWEDMETHODS_W=>TT_ALLOWEDMETHODS TT_ALLOWEDMETHODS

Identifies an HTTP method that the origin that is specified in the rule is allowed to execute.

Each CORS rule must contain at least one AllowedMethods and one AllowedOrigins element.

iv_maxageseconds TYPE /AWS1/MDSMAXAGESECONDS /AWS1/MDSMAXAGESECONDS

The time in seconds that your browser caches the preflight response for the specified resource.

A CORS rule can have only one MaxAgeSeconds element.

it_exposeheaders TYPE /AWS1/CL_MDSEXPOSEHEADERS_W=>TT_EXPOSEHEADERS TT_EXPOSEHEADERS

One or more headers in the response that you want users to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).

This element is optional for each rule.

Queryable Attributes

AllowedOrigins

One or more response headers that you want users to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).

Each CORS rule must have at least one AllowedOrigins element. The string value can include only one wildcard character (), for example, http://.example.com. Additionally, you can specify only one wildcard character to allow cross-origin access for all origins.

Accessible with the following methods

Method Description
GET_ALLOWEDORIGINS() Getter for ALLOWEDORIGINS, with configurable default
ASK_ALLOWEDORIGINS() Getter for ALLOWEDORIGINS w/ exceptions if field has no valu
HAS_ALLOWEDORIGINS() Determine if ALLOWEDORIGINS has a value

AllowedMethods

Identifies an HTTP method that the origin that is specified in the rule is allowed to execute.

Each CORS rule must contain at least one AllowedMethods and one AllowedOrigins element.

Accessible with the following methods

Method Description
GET_ALLOWEDMETHODS() Getter for ALLOWEDMETHODS, with configurable default
ASK_ALLOWEDMETHODS() Getter for ALLOWEDMETHODS w/ exceptions if field has no valu
HAS_ALLOWEDMETHODS() Determine if ALLOWEDMETHODS has a value

AllowedHeaders

Specifies which headers are allowed in a preflight OPTIONS request through the Access-Control-Request-Headers header. Each header name that is specified in Access-Control-Request-Headers must have a corresponding entry in the rule. Only the headers that were requested are sent back.

This element can contain only one wildcard character (*).

Accessible with the following methods

Method Description
GET_ALLOWEDHEADERS() Getter for ALLOWEDHEADERS, with configurable default
ASK_ALLOWEDHEADERS() Getter for ALLOWEDHEADERS w/ exceptions if field has no valu
HAS_ALLOWEDHEADERS() Determine if ALLOWEDHEADERS has a value

MaxAgeSeconds

The time in seconds that your browser caches the preflight response for the specified resource.

A CORS rule can have only one MaxAgeSeconds element.

Accessible with the following methods

Method Description
GET_MAXAGESECONDS() Getter for MAXAGESECONDS

ExposeHeaders

One or more headers in the response that you want users to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).

This element is optional for each rule.

Accessible with the following methods

Method Description
GET_EXPOSEHEADERS() Getter for EXPOSEHEADERS, with configurable default
ASK_EXPOSEHEADERS() Getter for EXPOSEHEADERS w/ exceptions if field has no value
HAS_EXPOSEHEADERS() Determine if EXPOSEHEADERS has a value

Public Local Types In This Class

Internal table types, representing arrays and maps of this class, are defined as local types:

TT_CORSPOLICY

TYPES TT_CORSPOLICY TYPE STANDARD TABLE OF REF TO /AWS1/CL_MDSCORSRULE WITH DEFAULT KEY
.