Copyright | (c) 2013-2021 Brendan Hay |
---|---|
License | Mozilla Public License, v. 2.0. |
Maintainer | Brendan Hay <brendan.g.hay+amazonka@gmail.com> |
Stability | auto-generated |
Portability | non-portable (GHC extensions) |
Safe Haskell | None |
Synopsis
- data CorsRule = CorsRule' {}
- newCorsRule :: NonEmpty Text -> CorsRule
- corsRule_allowedMethods :: Lens' CorsRule (Maybe (NonEmpty MethodName))
- corsRule_maxAgeSeconds :: Lens' CorsRule (Maybe Natural)
- corsRule_exposeHeaders :: Lens' CorsRule (Maybe [Text])
- corsRule_allowedOrigins :: Lens' CorsRule (NonEmpty Text)
- corsRule_allowedHeaders :: Lens' CorsRule [Text]
Documentation
A rule for a CORS policy. You can add up to 100 rules to a CORS policy. If more than one rule applies, the service uses the first applicable rule listed.
See: newCorsRule
smart constructor.
CorsRule' | |
|
Instances
Create a value of CorsRule
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:allowedMethods:CorsRule'
, corsRule_allowedMethods
- Identifies an HTTP method that the origin that is specified in the rule
is allowed to execute.
Each CORS rule must contain at least one AllowedMethods
and one
AllowedOrigins
element.
$sel:maxAgeSeconds:CorsRule'
, corsRule_maxAgeSeconds
- The time in seconds that your browser caches the preflight response for
the specified resource.
A CORS rule can have only one MaxAgeSeconds
element.
$sel:exposeHeaders:CorsRule'
, corsRule_exposeHeaders
- One or more headers in the response that you want users to be able to
access from their applications (for example, from a JavaScript
XMLHttpRequest
object).
This element is optional for each rule.
$sel:allowedOrigins:CorsRule'
, corsRule_allowedOrigins
- One or more response headers that you want users to be able to access
from their applications (for example, from a JavaScript XMLHttpRequest
object).
Each CORS rule must have at least one AllowedOrigins
element. The
string value can include only one wildcard character (*), for example,
http://*.example.com. Additionally, you can specify only one wildcard
character to allow cross-origin access for all origins.
$sel:allowedHeaders:CorsRule'
, corsRule_allowedHeaders
- Specifies which headers are allowed in a preflight OPTIONS
request
through the Access-Control-Request-Headers
header. Each header name
that is specified in Access-Control-Request-Headers
must have a
corresponding entry in the rule. Only the headers that were requested
are sent back.
This element can contain only one wildcard character (*).
corsRule_allowedMethods :: Lens' CorsRule (Maybe (NonEmpty MethodName)) Source #
Identifies an HTTP method that the origin that is specified in the rule is allowed to execute.
Each CORS rule must contain at least one AllowedMethods
and one
AllowedOrigins
element.
corsRule_maxAgeSeconds :: Lens' CorsRule (Maybe Natural) Source #
The time in seconds that your browser caches the preflight response for the specified resource.
A CORS rule can have only one MaxAgeSeconds
element.
corsRule_exposeHeaders :: Lens' CorsRule (Maybe [Text]) Source #
One or more headers in the response that you want users to be able to
access from their applications (for example, from a JavaScript
XMLHttpRequest
object).
This element is optional for each rule.
corsRule_allowedOrigins :: Lens' CorsRule (NonEmpty Text) Source #
One or more response headers that you want users to be able to access
from their applications (for example, from a JavaScript XMLHttpRequest
object).
Each CORS rule must have at least one AllowedOrigins
element. The
string value can include only one wildcard character (*), for example,
http://*.example.com. Additionally, you can specify only one wildcard
character to allow cross-origin access for all origins.
corsRule_allowedHeaders :: Lens' CorsRule [Text] Source #
Specifies which headers are allowed in a preflight OPTIONS
request
through the Access-Control-Request-Headers
header. Each header name
that is specified in Access-Control-Request-Headers
must have a
corresponding entry in the rule. Only the headers that were requested
are sent back.
This element can contain only one wildcard character (*).