Jump to: navigation, search

web Section

staticResourcesCacheControl

Description: Define configuration of cache-control header for static web resources.
Default Value: public, max-age=1800
Valid Values: any values that follow the cache-control header specification, such as:

  1. Deny request caching: private, no-cache, no-store, max-age=0
  2. Allow request caching for 1800 seconds: public, max-age=1800

For more information, refer to: http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html and http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html.
Mandatory: No
Changes Take Effect: After server restart

staticResourcesCacheControlPattern

Description: This regular expression defines the url pattern of static resources that should be affected by the behavior prescribed by the staticResourcesCacheControl option.
Default pattern: ^(http)://.*$

  • The default pattern means "all static resources accessed through the http schema.”
  • The wildcard .* means “all static resources.”

Valid Values: any valid regular expression that describes the path to the static resource(s).
Mandatory: No
Changes Take Effect: After server restart
Option introduced in 8.5.000.43

cors.allowedOrigins

Description: A comma-separated list of origins that are allowed to access the resources. The default value is *, meaning all origins. If an allowed origin contains one or more * characters (for example http://*.domain.com), then * characters are converted to .*, . characters are escaped to \., and the resulting allowed origin is interpreted as a regular expression. Allowed origins can therefore be more complex expressions such as https?://*.domain.[a-z]{3}, which matches either http or https, multiple subdomains, and any 3 letter top-level domain, such as .com, .net, or .org.
Default Value: *
Valid Values: See the explanation in the description.
Mandatory: No
Changes Take Effect: After server restart

cors.allowedHeaders

Description: A comma-separated list of HTTP headers that are allowed to be specified when accessing the resources. If the value is a single *, this means that any headers will be accepted.
Default Value: x-requested-with,content-type,accept,origin,authorization,cookie
Valid Values: comma-separated list of HTTP headers
Mandatory: No
Changes Take Effect: After server restart

cors.allowedMethods

Description: A comma separated list of HTTP methods that are allowed to be specified when accessing the resources.
Default Value: GET,POST,OPTIONS,HEAD,DELETE
Valid Values: Comma-separated list of valid HTTP methods
Mandatory: No
Changes Take Effect: After server restart
Option introduced in 8.5.000.29

cors.urlMapping

Description: Defines a filter mapping with the given URL patterns and dispatcher types for the CORS Filter.
Default Value: *
Valid Values: Any string that contains a URL mapping parameter that follows the Servlet 3.0 mapping specification (chapter 12.2 Specification of Mappings), as documented at http://download.oracle.com/otn-pub/jcp/servlet-3.0-fr-eval-oth-JSpec/servlet-3_0-final-spec.pdf?AuthParam=1442871239_ec11f8b00a7ffbc532fdc10df90e5c10
Mandatory: No
Changes Take Effect: After server restart

jsonp.whiteList

Description: Defines a white list of regular expressions that specify the object and callback names allowed for JSONP requests.
Default Value: ^_gt\.setCategory$, ^_gt\.setDSL$ , ^jQuery\d*_\d*$
Valid Values: A comma-delimited list of regular expressions, each of which specifies the name of one of the allowed callback functions. These names normally have a format of obj.callback.
Mandatory: No
Changes Take Effect: After server restart
Option introduced in 8.5.000.42

This page was last edited on December 18, 2018, at 15:36.
Comments or questions about this documentation? Contact us for support!