Warning! This documentation is a work in progress. Expect things to be out of date and not actually work according to instructions.

Cross-origin resource sharing (CORS) Support

By default CORS requests are blocked for all files other than fonts. You can customize this by adding CORS configuration to your cond/stallion.toml file. Here is a full example of such a configuration, with the default settings:

[cors]
allowAll = false # Allow all CORS requests
allowAllForFonts = true # All CORS requests for any file with the extension of a font
originWhitelist = [] # A list of origins to allow
originRegexWhitelist = [] # A list of regular expressions for origins to allow
allowHeaders = ["x-requested-with", "content-type", "accept", "origin", "authorization", "x-csrftoken"] # a list of allowed headers for CORS requests
allowMethods = ["GET", "POST", "DELETE", "PUT", "PATCH", "OPTIONS"] # a list of allowed methods for CORS requests 
preflightMaxAge = 86400 # Seconds allowed from the preflight response to the actual request
© 2018 Stallion Software LLC