Fortinet black logo

CLI Reference

config security waf cors-headers

config security waf cors-headers

Use this command to configure the CORS Headers List for the Cross-Origin Resource Sharing (CORS) Protection.

The HTTP headers on this list may be "allowed" or "exposed" in the CORS Protection Rule List. If allowed, FortiADC will use the headers list to verify whether the headers used in the CORS requests are legitimate. If exposed, FortiADC will expose the headers in the headers list in JavaScript and share with foreign applications.

Syntax

config security waf cors-headers

edit <name>

config headers-list

edit <name>

set header <string>

next

end

next

end

header Specify the HTTP header as a string. (Range: 1-63 characters).

Example

config security waf cors-headers

edit <header-list1>

config headers-list

edit 1

set header header1

next

end

next

end

config security waf cors-headers

Use this command to configure the CORS Headers List for the Cross-Origin Resource Sharing (CORS) Protection.

The HTTP headers on this list may be "allowed" or "exposed" in the CORS Protection Rule List. If allowed, FortiADC will use the headers list to verify whether the headers used in the CORS requests are legitimate. If exposed, FortiADC will expose the headers in the headers list in JavaScript and share with foreign applications.

Syntax

config security waf cors-headers

edit <name>

config headers-list

edit <name>

set header <string>

next

end

next

end

header Specify the HTTP header as a string. (Range: 1-63 characters).

Example

config security waf cors-headers

edit <header-list1>

config headers-list

edit 1

set header header1

next

end

next

end