Class: AWSCDK::APIGateway::CorsOptions

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
api_gateway/cors_options.rb

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(allow_origins:, allow_credentials: nil, allow_headers: nil, allow_methods: nil, disable_cache: nil, expose_headers: nil, max_age: nil, status_code: nil) ⇒ CorsOptions

Returns a new instance of CorsOptions.

Parameters:

  • allow_origins (Array<String>)

    Specifies the list of origins that are allowed to make requests to this resource.

  • allow_credentials (Boolean, nil) (defaults to: nil)

    The Access-Control-Allow-Credentials response header tells browsers whether to expose the response to frontend JavaScript code when the request's credentials mode (Request.credentials) is "include".

  • allow_headers (Array<String>, nil) (defaults to: nil)

    The Access-Control-Allow-Headers response header is used in response to a preflight request which includes the Access-Control-Request-Headers to indicate which HTTP headers can be used during the actual request.

  • allow_methods (Array<String>, nil) (defaults to: nil)

    The Access-Control-Allow-Methods response header specifies the method or methods allowed when accessing the resource in response to a preflight request.

  • disable_cache (Boolean, nil) (defaults to: nil)

    Sets Access-Control-Max-Age to -1, which means that caching is disabled.

  • expose_headers (Array<String>, nil) (defaults to: nil)

    The Access-Control-Expose-Headers response header indicates which headers can be exposed as part of the response by listing their names.

  • max_age (AWSCDK::Duration, nil) (defaults to: nil)

    The Access-Control-Max-Age response header indicates how long the results of a preflight request (that is the information contained in the Access-Control-Allow-Methods and Access-Control-Allow-Headers headers) can be cached.

  • status_code (Numeric, nil) (defaults to: nil)

    Specifies the response status code returned from the OPTIONS method.



14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# File 'api_gateway/cors_options.rb', line 14

def initialize(allow_origins:, allow_credentials: nil, allow_headers: nil, allow_methods: nil, disable_cache: nil, expose_headers: nil, max_age: nil, status_code: nil)
  @allow_origins = allow_origins
  Jsii::Type.check_type(@allow_origins, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "allowOrigins")
  @allow_credentials = allow_credentials
  Jsii::Type.check_type(@allow_credentials, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "allowCredentials") unless @allow_credentials.nil?
  @allow_headers = allow_headers
  Jsii::Type.check_type(@allow_headers, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "allowHeaders") unless @allow_headers.nil?
  @allow_methods = allow_methods
  Jsii::Type.check_type(@allow_methods, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "allowMethods") unless @allow_methods.nil?
  @disable_cache = disable_cache
  Jsii::Type.check_type(@disable_cache, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "disableCache") unless @disable_cache.nil?
  @expose_headers = expose_headers
  Jsii::Type.check_type(@expose_headers, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "exposeHeaders") unless @expose_headers.nil?
  @max_age = max_age
  Jsii::Type.check_type(@max_age, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5EdXJhdGlvbiJ9")), "maxAge") unless @max_age.nil?
  @status_code = status_code
  Jsii::Type.check_type(@status_code, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJudW1iZXIifQ==")), "statusCode") unless @status_code.nil?
end

Instance Attribute Details

#allow_credentialsBoolean? (readonly)

Note:

Default: false

The Access-Control-Allow-Credentials response header tells browsers whether to expose the response to frontend JavaScript code when the request's credentials mode (Request.credentials) is "include".

When a request's credentials mode (Request.credentials) is "include", browsers will only expose the response to frontend JavaScript code if the Access-Control-Allow-Credentials value is true.

Credentials are cookies, authorization headers or TLS client certificates.



56
57
58
# File 'api_gateway/cors_options.rb', line 56

def allow_credentials
  @allow_credentials
end

#allow_headersArray<String>? (readonly)

Note:

Default: Cors.DEFAULT_HEADERS

The Access-Control-Allow-Headers response header is used in response to a preflight request which includes the Access-Control-Request-Headers to indicate which HTTP headers can be used during the actual request.



62
63
64
# File 'api_gateway/cors_options.rb', line 62

def allow_headers
  @allow_headers
end

#allow_methodsArray<String>? (readonly)

Note:

Default: Cors.ALL_METHODS

The Access-Control-Allow-Methods response header specifies the method or methods allowed when accessing the resource in response to a preflight request.

If ANY is specified, it will be expanded to Cors.ALL_METHODS.



70
71
72
# File 'api_gateway/cors_options.rb', line 70

def allow_methods
  @allow_methods
end

#allow_originsArray<String> (readonly)

Specifies the list of origins that are allowed to make requests to this resource.

If you wish to allow all origins, specify Cors.ALL_ORIGINS or [ * ].

Responses will include the Access-Control-Allow-Origin response header. If specific origins are specified (not Cors.ALL_ORIGINS), the Vary: Origin response header will also be included.



44
45
46
# File 'api_gateway/cors_options.rb', line 44

def allow_origins
  @allow_origins
end

#disable_cacheBoolean? (readonly)

Note:

Default: - cache is enabled

Sets Access-Control-Max-Age to -1, which means that caching is disabled.

This option cannot be used with max_age.

Returns:

  • (Boolean, nil)


77
78
79
# File 'api_gateway/cors_options.rb', line 77

def disable_cache
  @disable_cache
end

#expose_headersArray<String>? (readonly)

Note:

Default: - only the 6 CORS-safelisted response headers are exposed: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma

The Access-Control-Expose-Headers response header indicates which headers can be exposed as part of the response by listing their names.

If you want clients to be able to access other headers, you have to list them using the Access-Control-Expose-Headers header.



86
87
88
# File 'api_gateway/cors_options.rb', line 86

def expose_headers
  @expose_headers
end

#max_ageAWSCDK::Duration? (readonly)

Note:

Default: - browser-specific (see reference)

The Access-Control-Max-Age response header indicates how long the results of a preflight request (that is the information contained in the Access-Control-Allow-Methods and Access-Control-Allow-Headers headers) can be cached.

To disable caching altogether use disableCache: true.



94
95
96
# File 'api_gateway/cors_options.rb', line 94

def max_age
  @max_age
end

#status_codeNumeric? (readonly)

Note:

Default: 204

Specifies the response status code returned from the OPTIONS method.

Returns:

  • (Numeric, nil)


99
100
101
# File 'api_gateway/cors_options.rb', line 99

def status_code
  @status_code
end

Class Method Details

.jsii_propertiesObject



101
102
103
104
105
106
107
108
109
110
111
112
# File 'api_gateway/cors_options.rb', line 101

def self.jsii_properties
  {
    :allow_origins => "allowOrigins",
    :allow_credentials => "allowCredentials",
    :allow_headers => "allowHeaders",
    :allow_methods => "allowMethods",
    :disable_cache => "disableCache",
    :expose_headers => "exposeHeaders",
    :max_age => "maxAge",
    :status_code => "statusCode",
  }
end

Instance Method Details

#to_jsiiObject



114
115
116
117
118
119
120
121
122
123
124
125
126
127
# File 'api_gateway/cors_options.rb', line 114

def to_jsii
  result = {}
  result.merge!({
    "allowOrigins" => @allow_origins,
    "allowCredentials" => @allow_credentials,
    "allowHeaders" => @allow_headers,
    "allowMethods" => @allow_methods,
    "disableCache" => @disable_cache,
    "exposeHeaders" => @expose_headers,
    "maxAge" => @max_age,
    "statusCode" => @status_code,
  })
  result.compact
end