CORS Support

Cross-origin resource sharing (CORS) is a W3C specification that lets you specify in a flexible way what kind of cross-domain requests are authorized. If you use Spring MVC or Spring WebFlux, you can configure Actuator’s web endpoints to support such scenarios.

CORS support is disabled by default and is only enabled once you have set the management.endpoints.web.cors.allowed-origins property. The following configuration permits GET and POST calls from the example.com domain:

Properties:

management.endpoints.web.cors.allowed-origins=https://example.com
management.endpoints.web.cors.allowed-methods=GET,POST

YAML:

management:
  endpoints:
    web:
      cors:
        allowed-origins: "https://example.com"
        allowed-methods: "GET,POST"

See CorsEndpointProperties for a complete list of options.
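
The following added example (not part of the Spring Boot documentation and not Spring's code) is a simplified Python model of how the configuration above decides a browser preflight request. It shows that origin matching is exact on scheme and host, so http://example.com and https://app.example.com are not covered. The function names, the 403 status for a rejected request and the sample requests are assumptions of this model.

```python
# Added example: simplified model of a CORS preflight decision, not Spring's code.
# Constructed input: the two property lines shown on this page.
PROPERTIES = """\
management.endpoints.web.cors.allowed-origins=https://example.com
management.endpoints.web.cors.allowed-methods=GET,POST
"""
PREFIX = "management.endpoints.web.cors."


def load_cors(text):
    """Parse key=value lines and return the Actuator CORS settings as lists."""
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        if key.strip().startswith(PREFIX):
            name = key.strip()[len(PREFIX):]
            cfg[name] = [v.strip() for v in value.split(",") if v.strip()]
    return cfg


def preflight(cfg, origin, requested_method):
    """Return (status, headers) for an OPTIONS preflight under cfg (model only)."""
    origins = cfg.get("allowed-origins", [])
    # When allowed-methods is not set, only GET is allowed.
    methods = [m.upper() for m in cfg.get("allowed-methods", ["GET"])]
    if not origins:  # allowed-origins unset: CORS support stays disabled
        return 403, {}
    origin_ok = "*" in origins or origin in origins  # exact string match
    method_ok = "*" in methods or requested_method.upper() in methods
    if not (origin_ok and method_ok):
        return 403, {}  # no CORS headers, so the browser blocks the call
    return 200, {
        "Access-Control-Allow-Origin": origin,
        "Access-Control-Allow-Methods": ",".join(methods),
        "Vary": "Origin",
    }


if __name__ == "__main__":
    cfg = load_cors(PROPERTIES)
    # Constructed sample requests: (Origin, Access-Control-Request-Method)
    for origin, method in [("https://example.com", "POST"),
                           ("https://example.com", "DELETE"),
                           ("http://example.com", "GET"),
                           ("https://app.example.com", "GET")]:
        print(origin, method, "->", preflight(cfg, origin, method)[0])
```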