Open the menu
    ```html

    CORS Rules: Add

    Features

    • It is an administration interface

    Screens

    Add
    • Position (integer, required field) : This field is used to order the rules at the time of validating a request. The rules with the lowest position are the highest priority and those with the highest position are the lowest priority.
    • Origin request pattern (text, required field) : This is a regular expression to validate whether the rule applies to the ongoing request.
      For example, if the request contains a header Origin with a value of http://sample.example.com and the value of this field is http://another\.sample\.example\.com, this rule will not be applied to the request.
    • Request path pattern (text, required field) : This is a regular expression to validate whether the rule applies to the ongoing request.
      For example, if the request contains a path /news/government/ and the value of this field is /sports/.*, this rule will not be applied to the request.
    • Allowed methods in the request (text, required field) : This field is used to inform the HTTP methods supported in the CORS call being handled.
      It can be a comma-separated list of supported values or the value *. For example: GET, PUT, HEAD, OPTIONS or *.
      If this field contains a list of values, the HTTP request method must match one of the values in that list for the rule to apply to the request.
      If this field has a value *, the HTTP request method being made will not be validated (all methods will be supported).
      This value is passed in the header Access-Control-Allow-Methods in preflight requests.
    • Allowed headers (text, default value: dnt,user-agent,x-requested-with,if-modified-since,cache-control,content-type,range,x-lum-monuid) : This field is used to inform the HTTP headers that can be sent during a normal CORS call.
      This value is passed in the header Access-Control-Allow-Headers in preflight requests.
    • Allow sending credentials (boolean, required field, default value: false) : This field is used to inform the browser whether credentials should be exposed to Javascript.
      This value is passed in the header Access-Control-Allow-Credentials.
    • Headers exposed in the request (text, default value: content-length,content-range) : This field is used to inform the HTTP headers that can be exposed to the resource making the CORS call.
      This value is passed in the header Access-Control-Expose-Headers in normal requests.
    • Maximum cache age of CORS information (integer, required field, default value: 1800) : This field is used to inform the cache time for CORS information on the client in seconds.
      This value is passed in the header Access-Control-Max-Age in preflight requests.

    Permissions

    • Manage service instance: Allows managing all the data of this service instance, including deleting it entirely.

    Actions

    • commit
    ```