CrossOrigin(vararg value: String, origins: Array<String>, allowedHeaders: Array<String>, exposedHeaders: Array<String>, methods: Array<RequestMethod>, allowCredentials: String, maxAge: Long)
Marks the annotated method or type as permitting cross origin requests.
By default all origins and headers are permitted, credentials are not allowed, and the maximum age is set to 1800 seconds (30 minutes). The list of HTTP methods is set to the methods on the @RequestMapping if not explicitly set on @CrossOrigin.
NOTE: @CrossOrigin is processed if an appropriate HandlerMapping-HandlerAdapter pair is configured such as the RequestMappingHandlerMapping-RequestMappingHandlerAdapter pair which are the default in the MVC Java config and the MVC namespace.
Author
Russell Allen
Author
Sebastien Deleuze
Author
Sam Brannen
Since
4.2