Open the menu
    ```html

    CORS Rules: Edit

    Features

    • It is an administration interface

    Screens

    Edit
    • Position (integer, required field) : This field is used to sort the rules when validating a request. Rules with a lower position are prioritized, and those with a higher position are less prioritized.
    • Origin request pattern (text, required field) : This is a regular expression to validate whether the rule applies to the request being made.
      For example, if the request contains an header Origin with a value of http://sample.example.com and the value of this field is http://another\.sample\.example\.com, this rule will not be applied to the request.
    • Request path pattern (text, required field) : This is a regular expression to validate whether the rule applies to the request being made.
      For example, if the request contains a path /news/government/ and the value of this field is /sports/.*, this rule will not be applied to the request.
    • Allowed methods in the request (text, required field) : This field is used to inform the HTTP methods supported in the CORS call being processed.
      It can be a comma-separated list of the supported values or the value *. For example: GET, PUT, HEAD, OPTIONS or *.
      If this field has a list of values, the HTTP request method must match one of those values for the rule to be applied to the request.
      If this field has a * value, the HTTP request method being made will not be validated (all methods will be supported).
      This value is passed in the header Access-Control-Allow-Methods in preflight requests.
    • Allowed headers (text) : This field is used to inform the HTTP headers that can be sent during a normal CORS call.
      This value is passed in the header Access-Control-Allow-Headers in preflight requests.
    • Allows sending credentials (boolean, required field) : This field is used to inform the browser whether the credentials should be exposed to JavaScript.
      This value is passed in the header Access-Control-Allow-Credentials.
    • Headers exposed in the request (text) : This field is used to inform the HTTP headers that can be exposed to the resource making the CORS call.
      This value is passed in the header Access-Control-Expose-Headers in normal requests.
    • Maximum cache age for CORS information (integer, required field) : This field is used to inform the caching time of the CORS information by the client in seconds.
      This value is passed in the header Access-Control-Max-Age in preflight requests.

    Permissions

    • Manage service instance: Allows managing all data of this service instance, including deleting it entirely.

    Actions

    • commit
    ```