HPCC-28033 Document CORS Section of values.yaml

Signed-off-by: g-pan <[email protected]>

docs/EN_US/ContainerizedHPCC/ContainerizedMods/ConfigureValues.xml

@@ -1023,6 +1023,43 @@ thor:
         categories, including the "ecl" category, are read internally by
         system components and not exposed directly to ECL code.</para>
       </sect3>
+
+      <sect3 id="CV_CrossOriginRes">
+        <title>Cross Origin Resource Handling</title>
+
+        <para>Cross-origin resource sharing (CORS) is a mechanism for
+        integrating applications in different domains. CORS defines how client
+        web applications in one domain can interact with resources in another
+        domain. As a further enhancement to HPCC Systems we've added support
+        to allow the configuration of CORS access settings to the ESP section
+        of the values.yaml file. These CORS support settings can be configured
+        as illustrated in the following example.</para>
+
+        <programlisting>esp:
+- name: eclwatch
+  application: eclwatch
+  auth: ldap
+  replicas: 1
+  # The following 'corsAllowed' section is used to configure CORS support
+  #   origin - the origin to support CORS requests from
+  #   headers - the headers to allow for the given origin via CORS
+  #   methods - the HTTP methods to allow for the given origin via CORS
+  #
+  corsAllowed:
+  # origin starting with https will only allow https CORS
+  - origin: https://*.my.com
+    headers:
+    - "X-X"
+    methods:
+    - "GET"
+  # origin starting with http will allow http or https CORS
+  - origin: http://www.example.com
+    headers:
+    - "*"
+    methods:
+    - "GET"
+    - "POST" </programlisting>
+      </sect3>
     </sect2>
 
     <sect2>