Get or set Allowed Headers. This property is to specify the value of Access-Control-Allowed-Headers in the preflight response. It defines the allowed headers in the actual CORS request. Each allowed header can have up to one wildcard (*).

Allowed HTTP Method. Valid values are GET,PUT,DELETE,POST,HEAD. This property is to specify the value of Access-Control-Allow-Methods header in the preflight response. It means the allowed methods in the actual CORS request.

Allowed origins. One origin could contain at most one wildcard (*).

Get or set exposed headers in the CORS response. Wildcard(*) is not allowed. This property is to specify the value of Access-Control-Expose-Headers in the preflight response.

HTTP Access-Control-Max-Age's getter and setter, in seconds. The Access-Control-Max-Age header indicates how long the results of a preflight request (OPTIONS) can be cached in a preflight result cache. The max value is 999999999.