The root config type for the Cross-Origin Resource Sharing (CORS) filter configuration file. The
allowed-* elements apply globally to all endpoints. The resources element allows you to add
additional allowed-* options (currently only allowed-methods) to a subset of resources that can be
specified by their path using regex.
List of valid cross-origins that are allowed to access resources on this host. At a minimum, the
current host should be included in this list for the clients that send the Origin header for
same-origin requests (e.g. Chrome and Safari). You can optionally mark a value as being a regex
pattern.
List of allowed HTTP methods (either globally or for a given resource depending on context).
List of resources with additional features (e.g. allowed HTTP methods).
A resource specified by a path (regex) that has additional features (e.g. allowed HTTP methods).