ffgan <******@****.***> 1749399125 +0800

Harshavardhana <******@****.***> 1744208919 -0700

# CORS (Cross-Origin Resource Sharing) { #cors-cross-origin-resource-sharing }

<a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS" class="external-link" target="_blank">CORS or "Cross-Origin Resource Sharing"</a> refers to the situations when a frontend running in a browser has JavaScript code that communicates with a backend, and the backend is in a different "origin" than the frontend.

## Origin { #origin }

* request body: request body (do not translate to "cuerpo de la petición")
* response body: response body (do not translate to "cuerpo de la respuesta")
* cross domain: cross domain (do not translate to "dominio cruzado")
* cross origin: cross origin (do not translate to "origen cruzado")
* plugin: plugin (do not translate to "complemento" or "extensión")
* plug-in: plug-in (do not translate to "complemento" or "extensión")

 *
 * <p><b>Warning:</b> Using a specific character encoding when hashing a {@link CharSequence} with
 * {@link #putString(CharSequence, Charset)} is generally only useful for cross-language
 * compatibility (otherwise prefer {@link #putUnencodedChars}). However, the character encodings
 * must be identical across languages. Also beware that {@link Charset} definitions may occasionally

  /**
   * The HTTP <a href="https://wicg.github.io/cross-origin-embedder-policy/#COEP">{@code
   * Cross-Origin-Embedder-Policy}</a> header field name.
   *
   * @since 30.0
   */
  public static final String CROSS_ORIGIN_EMBEDDER_POLICY = "Cross-Origin-Embedder-Policy";

  /**
   * The HTTP <a href="https://wicg.github.io/cross-origin-embedder-policy/#COEP-RO">{@code
   * Cross-Origin-Embedder-Policy-Report-Only}</a> header field name.

        assertTrue(rule.isTarget(12, 30, 8)); // Should be treated as day 1 (Sunday)

        // Test with cross-midnight rule
        IntervalRule crossRule = new IntervalRule("22:00", "02:00", "1", 1000); // Sunday only
        // For cross-midnight rule, when checking early morning hours (1:30), it checks day+1
        // day=8 becomes day=1, so day+1=2, which is Monday (not Sunday)

 */
package org.codelibs.fess.cors;

import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;

/**
 * Abstract base class for handling CORS (Cross-Origin Resource Sharing) requests.
 * Provides common CORS header constants and defines the processing interface.
 */
public abstract class CorsHandler {

    /**
     * Creates a new instance of CorsHandler.
     */

But if you have custom headers that you want a client in a browser to be able to see, you need to add them to your CORS configurations ([CORS (Cross-Origin Resource Sharing)](cors.md){.internal-link target=_blank}) using the parameter `expose_headers` documented in <a href="https://www.starlette.io/middleware/#corsmiddleware" class="external-link" target="_blank">Starlette's CORS docs</a>.

below.

Then type

```sh
kubectl create secret generic tls-ssl-minio --from-file=path/to/private.key --from-file=path/to/public.crt
```

Cross check if the secret is created successfully using

```sh
kubectl get secrets
```

You should see a secret named `tls-ssl-minio`.

## 3. Update deployment yaml file