tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

Merge pull request #9879 from jchenevey/patch-1

Browse Source 
DOC Update 02_cors.md
This commit is contained in:
Steve Boyd 2021-03-19 12:29:14 +13:00 committed by GitHub
commit 358efdb51d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/en/02_Developer_Guides/19_GraphQL/04_security_and_best_practices/02_cors.md
View File

@ -51,7 +51,7 @@ Once you have enabled CORS you can then control four new headers in the HTTP Res
Allow requests from one specific external domain. Allow requests from one specific external domain.
```yaml ```yaml
Allow-Origin: 'my.domain.com' Allow-Origin: 'https://my.domain.com'
``` ```
* **Multiple Domains**: * **Multiple Domains**:
@ -60,8 +60,8 @@ Once you have enabled CORS you can then control four new headers in the HTTP Res
```yaml ```yaml
Allow-Origin: Allow-Origin:
- 'my.domain.com' - 'https://my.domain.com'
- 'your.domain.org' - 'https://your.domain.org'
``` ```
2. **Access-Control-Allow-Headers.** 2. **Access-Control-Allow-Headers.**
@ -131,7 +131,7 @@ If you add extra headers to your GraphQL server, you will need to write a
SilverStripe\GraphQL\Controller: SilverStripe\GraphQL\Controller:
cors: cors:
Enabled: true Enabled: true
Allow-Origin: 'silverstripe.org' Allow-Origin: 'https://silverstripe.org'
Allow-Headers: 'Authorization, Content-Type' Allow-Headers: 'Authorization, Content-Type'
Allow-Methods: 'GET, POST, OPTIONS' Allow-Methods: 'GET, POST, OPTIONS'
Allow-Credentials: 'true' Allow-Credentials: 'true'