[EDU-5477] feat: add missing CORS header (#1299)

* feat: add missing header * feat: add missing header in ptbr guide * fix: header on rtm
aziontech · Oct 7, 2024 · 64f573b · 64f573b
1 parent cf36dfc
commit 64f573b
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 8 deletions.
diff --git a/...ontent/docs/en/pages/guides/edge-application/ea-cors/check-cors-permissions.mdx b/...ontent/docs/en/pages/guides/edge-application/ea-cors/check-cors-permissions.mdx
@@ -95,7 +95,7 @@ In the following example, CORS is being allowed through the `OPTIONS` method. To
 | **Description** | Allows CORS for OPTIONS requests in /your-uri, as well as non-complex requests |
 | **Phase** | Response Phase |
 | **Criteria** | `${uri}` *starts with* `/your-uri` |
-| **Behavior** | **Add Response Header** `Access-Control-Allow-Origin: *`<br />**Add Response Header** `Access-Control-Request-Method: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Content-Type: application/json`<br />**Add Response Header** `Allow: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD` |
+| **Behavior** | **Add Response Header** `Access-Control-Allow-Origin: *`<br />**Add Response Header** `Access-Control-Allow-Headers: Content-Type, Authorization`<br />**Add Response Header** `Access-Control-Request-Method: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Content-Type: application/json`<br />**Add Response Header** `Allow: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD` |
 
 :::tip
 You may configure other complex request types as you want by adding them to the values of the `Allow`, `Access-Control-Allow-Methods`, and `Access-Control-Allow-Origin` headers. You can also customize the format of the response in the `Content-Type` header to fit your needs.
@@ -116,7 +116,7 @@ You may configure other complex request types as you want by adding them to the
 | **Name** | OPTIONS CORS |
 | **Description** | Allows CORS for OPTIONS requests in /your-uri, as well as non-complex requests |
 | **Criteria** | `${uri}` *starts with* `/your-uri` |
-| **Behavior** | **Add Response Header** `Access-Control-Allow-Origin: *`<br />**Add Response Header** `Access-Control-Request-Method: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Content-Type: application/json`<br />**Add Response Header** `Allow: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD` |
+| **Behavior** | **Add Response Header** `Access-Control-Allow-Origin: *`<br />**Add Response Header** `Access-Control-Allow-Headers: Content-Type, Authorization`<br />**Add Response Header** `Access-Control-Request-Method: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Content-Type: application/json`<br />**Add Response Header** `Allow: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD` |
 
 :::tip
 You may configure other complex request types as you want by adding them to the values of the `Allow`, `Access-Control-Allow-Methods`, and `Access-Control-Allow-Origin` headers. You can also customize the format of the response in the `Content-Type` header to fit your needs.
@@ -171,7 +171,7 @@ Now you need to create a rule that processes requests from multiple origins:
 | **Name** | Multiple origins CORS |
 | **Phase** | Response Phase |
 | **Criteria** | `${http_origin}` *is equal* `http://your.domain1.com`<br />**OR** `${http_origin}` *is equal* `http://your.domain2.com`<br />**OR** `${http_origin}` *is equal* `http://your.domain3.com` |
-| **Behavior** | **Add Response Header** `Access-Control-Allow-Origin: *`<br />**Add Response Header** `Access-Control-Request-Method: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Content-Type: application/json`<br />**Add Response Header** `Allow: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD` |
+| **Behavior** | **Add Response Header** `Access-Control-Allow-Origin: *`<br />**Add Response Header** `Access-Control-Allow-Headers: Content-Type, Authorization`<br />**Add Response Header** `Access-Control-Request-Method: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Content-Type: application/json`<br />**Add Response Header** `Allow: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD` |
 
 4. Click the **Save** button.
 </Fragment>
@@ -185,7 +185,7 @@ Now you need to create a rule that processes requests from multiple origins:
 |-----------|------|
 | **Name** | Multiple origins CORS |
 | **Criteria** | `${http_origin}` *is equal* `http://your.domain1.com`<br />**OR** `${http_origin}` *is equal* `http://your.domain2.com`<br />**OR** `${http_origin}` *is equal* `http://your.domain3.com` |
-| **Behavior** | **Add Response Header** `Access-Control-Allow-Origin: *`<br />**Add Response Header** `Access-Control-Request-Method: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Content-Type: application/json`<br />**Add Response Header** `Allow: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD` |
+| **Behavior** | **Add Response Header** `Access-Control-Allow-Origin: *`<br />**Add Response Header** `Access-Control-Allow-Headers: Content-Type, Authorization`<br />**Add Response Header** `Access-Control-Request-Method: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Content-Type: application/json`<br />**Add Response Header** `Allow: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD` |
 
 4. Click the **Save** button.
 </Fragment>

diff --git a/...tent/docs/pt-br/pages/guias/edge-application/ea-cors/check-cors-permissions.mdx b/...tent/docs/pt-br/pages/guias/edge-application/ea-cors/check-cors-permissions.mdx
@@ -96,7 +96,7 @@ No exemplo a seguir, o CORS está sendo permitido por meio do método `OPTIONS`.
 | **Description** | Permite CORS para OPTIONS em /sua-uri e outras requisições não complexas | 
 | **Phase** | Response Phase |
 | **Criteria** | `${uri}` *starts with* `/your-uri` |
-| **Behavior** | **Add Response Header** `Access-Control-Allow-Origin: *`<br />**Add Response Header** `Access-Control-Request-Method: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Content-Type: application/json`<br />**Add Response Header** `Allow: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD` |
+| **Behavior** | **Add Response Header** `Access-Control-Allow-Origin: *`<br />**Add Response Header** `Access-Control-Allow-Headers: Content-Type, Authorization`<br />**Add Response Header** `Access-Control-Request-Method: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Content-Type: application/json`<br />**Add Response Header** `Allow: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD` |
 
 :::tip
 Você pode configurar outros tipos de requisições complexas conforme desejar, adicionando-os aos valores dos cabeçalhos `Allow`, `Access-Control-Allow-Methods` e `Access-Control-Allow-Origin`. Você também pode personalizar o formato da resposta no cabeçalho `Content-Type` para atender às suas necessidades.
@@ -117,7 +117,7 @@ Você pode configurar outros tipos de requisições complexas conforme desejar,
 | **Name** | OPTIONS CORS |
 | **Description** | Permite CORS para OPTIONS em /sua-uri e outras requisições não complexas
 | **Criteria** | `${uri}` *starts with* `/your-uri` |
-| **Behavior** | **Add Response Header** `Access-Control-Allow-Origin: *`<br />**Add Response Header** `Access-Control-Request-Method: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Content-Type: application/json`<br />**Add Response Header** `Allow: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD` |
+| **Behavior** | **Add Response Header** `Access-Control-Allow-Origin: *`<br />**Add Response Header** `Access-Control-Allow-Headers: Content-Type, Authorization`<br />**Add Response Header** `Access-Control-Request-Method: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Content-Type: application/json`<br />**Add Response Header** `Allow: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD` |
 
 :::tip
 Você pode configurar outros tipos de requisições complexas conforme desejar, adicionando-os aos valores dos cabeçalhos `Allow`, `Access-Control-Allow-Methods` e `Access-Control-Allow-Origin`. Você também pode personalizar o formato da resposta no cabeçalho `Content-Type` para atender às suas necessidades.
@@ -172,7 +172,7 @@ Agora você precisa criar uma regra que processe requisições de várias origen
 | **Name** | CORS para múltiplas origens |
 | **Phase** | Response Phase |
 | **Criteria** | `${http_origin}` *is equal* `http://seu.domain1.com`<br />**OR** `${http_origin}` *is equal* `http://seu.domain2.com`<br />**OR** `${http_origin}` *is equal* `http://seu.domain3.com` |
-| **Behavior** | **Add Response Header** `Access-Control-Allow-Origin: *`<br />**Add Response Header** `Access-Control-Request-Method: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Content-Type: application/json`<br />**Add Response Header** `Allow: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD` |
+| **Behavior** | **Add Response Header** `Access-Control-Allow-Origin: *`<br />**Add Response Header** `Access-Control-Allow-Headers: Content-Type, Authorization`<br />**Add Response Header** `Access-Control-Request-Method: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Content-Type: application/json`<br />**Add Response Header** `Allow: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD` |
 
 4. Clique no botão **Save**.
 </Fragment>
@@ -186,7 +186,7 @@ Agora você precisa criar uma regra que processe requisições de várias origen
 |-----------|------|
 | **Name** | CORS para múltiplas origens |
 | **Criteria** | `${http_origin}` *is equal* `http://seu.domain1.com`<br />**OR** `${http_origin}` *is equal* `http://seu.domain2.com`<br />**OR** `${http_origin}` *is equal* `http://seu.domain3.com` |
-| **Behavior** | **Add Response Header** `Access-Control-Allow-Origin: *`<br />**Add Response Header** `Access-Control-Request-Method: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Content-Type: application/json`<br />**Add Response Header** `Allow: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD` |
+| **Behavior** | **Add Response Header** `Access-Control-Allow-Origin: *`<br />**Add Response Header** `Access-Control-Allow-Headers: Content-Type, Authorization`<br />**Add Response Header** `Access-Control-Request-Method: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Content-Type: application/json`<br />**Add Response Header** `Allow: POST, GET, OPTIONS, HEAD`<br />**Add Response Header** `Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD` |
 
 4. Clique no botão **Save**.
 </Fragment>