Cross-Origin Resource Sharing (CORS) Support
The web reverse proxy can be configured to support cross-origin resource sharing.
Cross-origin resource sharing allows the web reverse proxy to indicate to clients that it permits clients to make cross-origin requests to resources which it protects. The web reverse proxy acts a resource processor as defined in the W3C recommendation Cross-Origin Resource Sharing.
Cross-origin resource sharing is achieved by indicating to clients by using a pre-flight check
that they might make cross-origin requests and on subsequent cross-origin requests how they are
permitted to use any responses returned.
Note: Cross-origin resource sharing should not be considered
a security enforcement mechanism for protecting resources. A malicious client can bypass all
cross-origin resource sharing processing by simply not performing a pre-flight check or by not
including an accurate origin header when making cross origin requests.