Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add docs on cors runtime setting #644

Merged
merged 3 commits into from
Nov 20, 2024
Merged
Show file tree
Hide file tree
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 12 additions & 0 deletions spiceaidocs/docs/api/http/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,3 +14,15 @@ import DocCardList from '@theme/DocCardList';
## Authentication

API Key authentication is supported for all HTTP routes. See [API Key Authentication](../../api/auth/index.md) for more details.

## Cross-Origin Resource Sharing (CORS)

CORS is disabled by default. Enable for all origins with:

```yaml
runtime:
cors:
enabled: true
```
See [CORS](/reference/spicepod/index.md#runtimecors) for more details.
32 changes: 32 additions & 0 deletions spiceaidocs/docs/reference/spicepod/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -189,6 +189,38 @@ runtime:
- `retention_period` - optional, how long records in the task history table should be retained. Default is `8h`, or 8 hours.
- `retention_check_interval` - optional, how often should old records be checked for removal. Default is `15m`, or 15 minutes.

### `runtime.cors`

The CORS section specifies the configuration for enabling Cross-Origin Resource Sharing (CORS) for the HTTP endpoint. By default, CORS is enabled with all origins.
phillipleblanc marked this conversation as resolved.
Show resolved Hide resolved

Default configuration:

```yaml
runtime:
cors:
enabled: true
allowed_origins: ["*"]
phillipleblanc marked this conversation as resolved.
Show resolved Hide resolved
```

### `runtime.cors.enabled`

Enables or disables CORS for the HTTP endpoint. `false` by default.

### `runtime.cors.allowed_origins`

A list of allowed origins for CORS requests. `["*"]` by default, which allows all origins.

Example:

```yaml
runtime:
cors:
enabled: true
allowed_origins: ["https://example.com"]
```

This configuration allows requests from the `https://example.com` origin only.

## `metadata`

An optional `map` of metadata.
Expand Down