mirror of
https://github.com/directus/directus.git
synced 2026-04-03 03:00:39 -04:00
Align CORS environment variables between middleware and cos (#4099)
* Align CORS environment variables between middleware and cos Fixes #4080 * Move CORS environment variables to env.ts
This commit is contained in:
YannickMol
@@ -33,6 +33,12 @@ const defaults: Record<string, any> = {
|
||||
REFRESH_TOKEN_COOKIE_SAME_SITE: 'lax',
|
||||
|
||||
CORS_ENABLED: true,
|
||||
CORS_ORIGIN: true,
|
||||
CORS_METHODS: 'GET,POST,PATCH,DELETE',
|
||||
CORS_ALLOWED_HEADERS: 'Content-Type,Authorization',
|
||||
CORS_EXPOSED_HEADERS: 'Content-Range',
|
||||
CORS_CREDENTIALS: true,
|
||||
CORS_MAX_AGE: 18000,
|
||||
|
||||
CACHE_ENABLED: false,
|
||||
CACHE_STORE: 'memory',
|
||||
|
||||
@@ -52,7 +52,7 @@ database instance.
|
||||
| Variable | Description | Default Value |
|
||||
| ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------- |
|
||||
| `CORS_ENABLED` | Whether or not to enable the CORS headers. | `true` |
|
||||
| `CORS_ORIGIN` | Value for the `Access-Control-Allow-Origin` header. Use `true` to match the Origin header, or provide a domain or a CSV of domains for specific access | -- |
|
||||
| `CORS_ORIGIN` | Value for the `Access-Control-Allow-Origin` header. Use `true` to match the Origin header, or provide a domain or a CSV of domains for specific access | `true` |
|
||||
| `CORS_METHODS` | Value for the `Access-Control-Allow-Methods` header. | `GET,POST,PATCH,DELETE` |
|
||||
| `CORS_ALLOWED_HEADERS` | Value for the `Access-Control-Allow-Headers` header. | `Content-Type,Authorization` |
|
||||
| `CORS_EXPOSED_HEADERS` | Value for the `Access-Control-Expose-Headers` header. | `Content-Range` |
|
||||
|
||||
Reference in New Issue
Block a user