Class: AWSCDK::APIGateway::CorsOptions
- Inherits:
-
Jsii::Struct
- Object
- Jsii::Struct
- AWSCDK::APIGateway::CorsOptions
- Defined in:
- api_gateway/cors_options.rb
Instance Attribute Summary collapse
-
#allow_credentials ⇒ Boolean?
readonly
The Access-Control-Allow-Credentials response header tells browsers whether to expose the response to frontend JavaScript code when the request's credentials mode (Request.credentials) is "include".
-
#allow_headers ⇒ Array<String>?
readonly
The Access-Control-Allow-Headers response header is used in response to a preflight request which includes the Access-Control-Request-Headers to indicate which HTTP headers can be used during the actual request.
-
#allow_methods ⇒ Array<String>?
readonly
The Access-Control-Allow-Methods response header specifies the method or methods allowed when accessing the resource in response to a preflight request.
-
#allow_origins ⇒ Array<String>
readonly
Specifies the list of origins that are allowed to make requests to this resource.
-
#disable_cache ⇒ Boolean?
readonly
Sets Access-Control-Max-Age to -1, which means that caching is disabled.
-
#expose_headers ⇒ Array<String>?
readonly
The Access-Control-Expose-Headers response header indicates which headers can be exposed as part of the response by listing their names.
-
#max_age ⇒ AWSCDK::Duration?
readonly
The Access-Control-Max-Age response header indicates how long the results of a preflight request (that is the information contained in the Access-Control-Allow-Methods and Access-Control-Allow-Headers headers) can be cached.
-
#status_code ⇒ Numeric?
readonly
Specifies the response status code returned from the OPTIONS method.
Class Method Summary collapse
Instance Method Summary collapse
-
#initialize(allow_origins:, allow_credentials: nil, allow_headers: nil, allow_methods: nil, disable_cache: nil, expose_headers: nil, max_age: nil, status_code: nil) ⇒ CorsOptions
constructor
A new instance of CorsOptions.
- #to_jsii ⇒ Object
Constructor Details
#initialize(allow_origins:, allow_credentials: nil, allow_headers: nil, allow_methods: nil, disable_cache: nil, expose_headers: nil, max_age: nil, status_code: nil) ⇒ CorsOptions
Returns a new instance of CorsOptions.
14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
# File 'api_gateway/cors_options.rb', line 14 def initialize(allow_origins:, allow_credentials: nil, allow_headers: nil, allow_methods: nil, disable_cache: nil, expose_headers: nil, max_age: nil, status_code: nil) @allow_origins = allow_origins Jsii::Type.check_type(@allow_origins, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "allowOrigins") @allow_credentials = allow_credentials Jsii::Type.check_type(@allow_credentials, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "allowCredentials") unless @allow_credentials.nil? @allow_headers = allow_headers Jsii::Type.check_type(@allow_headers, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "allowHeaders") unless @allow_headers.nil? @allow_methods = allow_methods Jsii::Type.check_type(@allow_methods, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "allowMethods") unless @allow_methods.nil? @disable_cache = disable_cache Jsii::Type.check_type(@disable_cache, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "disableCache") unless @disable_cache.nil? @expose_headers = expose_headers Jsii::Type.check_type(@expose_headers, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "exposeHeaders") unless @expose_headers.nil? @max_age = max_age Jsii::Type.check_type(@max_age, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5EdXJhdGlvbiJ9")), "maxAge") unless @max_age.nil? @status_code = status_code Jsii::Type.check_type(@status_code, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJudW1iZXIifQ==")), "statusCode") unless @status_code.nil? end |
Instance Attribute Details
#allow_credentials ⇒ Boolean? (readonly)
Default: false
The Access-Control-Allow-Credentials response header tells browsers whether to expose the response to frontend JavaScript code when the request's credentials mode (Request.credentials) is "include".
When a request's credentials mode (Request.credentials) is "include", browsers will only expose the response to frontend JavaScript code if the Access-Control-Allow-Credentials value is true.
Credentials are cookies, authorization headers or TLS client certificates.
56 57 58 |
# File 'api_gateway/cors_options.rb', line 56 def allow_credentials @allow_credentials end |
#allow_headers ⇒ Array<String>? (readonly)
Default: Cors.DEFAULT_HEADERS
The Access-Control-Allow-Headers response header is used in response to a preflight request which includes the Access-Control-Request-Headers to indicate which HTTP headers can be used during the actual request.
62 63 64 |
# File 'api_gateway/cors_options.rb', line 62 def allow_headers @allow_headers end |
#allow_methods ⇒ Array<String>? (readonly)
Default: Cors.ALL_METHODS
The Access-Control-Allow-Methods response header specifies the method or methods allowed when accessing the resource in response to a preflight request.
If ANY is specified, it will be expanded to Cors.ALL_METHODS.
70 71 72 |
# File 'api_gateway/cors_options.rb', line 70 def allow_methods @allow_methods end |
#allow_origins ⇒ Array<String> (readonly)
Specifies the list of origins that are allowed to make requests to this resource.
If you wish to allow all origins, specify Cors.ALL_ORIGINS or
[ * ].
Responses will include the Access-Control-Allow-Origin response header.
If specific origins are specified (not Cors.ALL_ORIGINS), the Vary: Origin
response header will also be included.
44 45 46 |
# File 'api_gateway/cors_options.rb', line 44 def allow_origins @allow_origins end |
#disable_cache ⇒ Boolean? (readonly)
Default: - cache is enabled
Sets Access-Control-Max-Age to -1, which means that caching is disabled.
This option cannot be used with max_age.
77 78 79 |
# File 'api_gateway/cors_options.rb', line 77 def disable_cache @disable_cache end |
#expose_headers ⇒ Array<String>? (readonly)
Default: - only the 6 CORS-safelisted response headers are exposed: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
The Access-Control-Expose-Headers response header indicates which headers can be exposed as part of the response by listing their names.
If you want clients to be able to access other headers, you have to list them using the Access-Control-Expose-Headers header.
86 87 88 |
# File 'api_gateway/cors_options.rb', line 86 def expose_headers @expose_headers end |
#max_age ⇒ AWSCDK::Duration? (readonly)
Default: - browser-specific (see reference)
The Access-Control-Max-Age response header indicates how long the results of a preflight request (that is the information contained in the Access-Control-Allow-Methods and Access-Control-Allow-Headers headers) can be cached.
To disable caching altogether use disableCache: true.
94 95 96 |
# File 'api_gateway/cors_options.rb', line 94 def max_age @max_age end |
#status_code ⇒ Numeric? (readonly)
Default: 204
Specifies the response status code returned from the OPTIONS method.
99 100 101 |
# File 'api_gateway/cors_options.rb', line 99 def status_code @status_code end |
Class Method Details
.jsii_properties ⇒ Object
101 102 103 104 105 106 107 108 109 110 111 112 |
# File 'api_gateway/cors_options.rb', line 101 def self.jsii_properties { :allow_origins => "allowOrigins", :allow_credentials => "allowCredentials", :allow_headers => "allowHeaders", :allow_methods => "allowMethods", :disable_cache => "disableCache", :expose_headers => "exposeHeaders", :max_age => "maxAge", :status_code => "statusCode", } end |
Instance Method Details
#to_jsii ⇒ Object
114 115 116 117 118 119 120 121 122 123 124 125 126 127 |
# File 'api_gateway/cors_options.rb', line 114 def to_jsii result = {} result.merge!({ "allowOrigins" => @allow_origins, "allowCredentials" => @allow_credentials, "allowHeaders" => @allow_headers, "allowMethods" => @allow_methods, "disableCache" => @disable_cache, "exposeHeaders" => @expose_headers, "maxAge" => @max_age, "statusCode" => @status_code, }) result.compact end |