handle-preflight
Use this entry to control whether or not the reverse proxy generates responses to pre-flight requests.
handle-preflight = {true, false}
Description
This entry defines Whether or not the reverse proxy handles CORS pre-flight responses. The reverse proxy is capable of generating pre-flight responses. The reverse proxy considers requests that meet all of the following criteria to be CORS pre-flight requests:
The pre-flight response mechanism uses information from the following entries within a [cors-policy:<policy-name>] stanza to generate a response:
- the request matches this policy stanza. See request-match
- the request uses the OPTIONS method
- the request contains an Origin header specifying a permitted origin. See allow-origin
- the request contains an Access-Control-Request-Method header
- allow-credentials
- allow-header
- allow-method
- max-age
Options
yes|true The reverse proxy generates responses to requests it identifies as pre-flight cross-origin requests. no|false The reverse proxy will not respond to pre-flight cross-origin requests and forwards them to the backend application.
Usage: Optional
Default value: false
Example:
handle-preflight = true allow-credentials = true allow-header = X-IBM-HEADER max-age = 3600
Parent topic: [cors-policy:policy-name] stanza