Origins allowed by the CORS filter
Build a CORSConfig from a play.api.Configuration
Build a CORSConfig from a play.api.Configuration
The configuration is as follows:
play.filters.cors { pathPrefixes = ["/myresource", ...] # ["/"] by default allowedOrigins = ["http://...", ...] # If null, all origins are allowed allowedHttpMethods = ["PATCH", ...] # If null, all methods are allowed allowedHttpHeaders = ["Custom-Header", ...] # If null, all headers are allowed exposedHeaders = [...] # empty by default supportsCredentials = true # true by default preflightMaxAge = 1 hour # 1 hour by default serveForbiddenOrigins = false # false by default }
Helpers to build CORS policy configurations