Skip to main content
Version: Next

How to use CORS

Cross-origin resource filter

Server configuration

Configuration itemDescriptionDefault valueRequiredSince version
gravitino.server.webserver.enableCorsFilterEnable cross-origin resource share filter.falseNo0.4.0
gravitino.server.webserver.allowedOriginsA comma separated list of allowed origins to access the resources. The default value is *, which means all origins.*No0.4.0
gravitino.server.webserver.allowedTimingOriginsA comma separated list of allowed origins to time the resource. The default value is the empty string, which means no origins.''(empty string)No0.4.0
gravitino.server.webserver.allowedMethodsA comma separated list of allowed HTTP methods used when accessing the resources. The default values are GET, POST, HEAD, and DELETE.GET,POST,HEAD,DELETE,PUTNo0.4.0
gravitino.server.webserver.allowedHeadersA comma separated list of allowed HTTP headers specified when accessing the resources. The default value is X-Requested-With,Content-Type,Accept,Origin. If the value is a single *, it accepts all headers.X-Requested-With,Content-Type,Accept,OriginNo0.4.0
gravitino.server.webserver.preflightMaxAgeInSecsThe number of seconds to cache preflight requests by the client. The default value is 1800 seconds or 30 minutes.1800No0.4.0
gravitino.server.webserver.allowCredentialsA boolean indicating if the resource allows requests with credentials. The default value is true.trueNo0.4.0
gravitino.server.webserver.exposedHeadersA comma separated list of allowed HTTP headers exposed on the client. The default value is the empty list.''(empty string)No0.4.0
gravitino.server.webserver.chainPreflightIf true chained preflight requests for normal handling (as an OPTION request). Otherwise, the filter responds to the preflight. The default is true.trueNo0.4.0

Apache Iceberg REST service's configuration

Configuration itemDescriptionDefault valueRequiredSince version
gravitino.iceberg-rest.enableCorsFilterEnable cross-origin resource share filter.falseNo0.4.0
gravitino.iceberg-rest.allowedOriginsA comma separated list of allowed origins that access the resources. The default value is *, which means all origins.*No0.4.0
gravitino.iceberg-rest.allowedTimingOriginsA comma separated list of allowed origins that time the resource. The default value is the empty string, which means no origins.''(empty string)No0.4.0
gravitino.iceberg-rest.allowedMethodsA comma separated list of allowed HTTP methods used when accessing the resources. The default values are GET, POST, HEAD, and DELETE.GET,POST,HEAD,DELETE,PUTNo0.4.0
gravitino.iceberg-rest.allowedHeadersA comma separated list of HTTP allowed headers specified when accessing the resources. The default value is X-Requested-With,Content-Type,Accept,Origin. If the value is a single *, it accepts all headers.X-Requested-With,Content-Type,Accept,OriginNo0.4.0
gravitino.iceberg-rest.preflightMaxAgeInSecsThe number of seconds to cache preflight requests by the client. The default value is 1800 seconds or 30 minutes.1800No0.4.0
gravitino.iceberg-rest.allowCredentialsA boolean indicating if the resource allows requests with credentials. The default value is true.trueNo0.4.0
gravitino.iceberg-rest.exposedHeadersA comma separated list of allowed HTTP headers exposed on the client. The default value is the empty list.''(empty string)No0.4.0
gravitino.iceberg-rest.chainPreflightIf true chained preflight requests for normal handling (as an OPTION request). Otherwise, the filter responds to the preflight. The default is true.trueNo0.4.0