diff --git a/data/web/api/openapi.yaml b/data/web/api/openapi.yaml index 66161153..1d262168 100644 --- a/data/web/api/openapi.yaml +++ b/data/web/api/openapi.yaml @@ -5602,6 +5602,50 @@ paths: description: You can list all mailboxes existing in system for a specific domain. operationId: Get mailboxes of a domain summary: Get mailboxes of a domain + /api/v1/edit/cors: + post: + responses: + "401": + $ref: "#/components/responses/Unauthorized" + "200": + content: + application/json: + examples: + response: + value: + - type: "success" + log: ["cors", "edit", {"allowed_origins": ["*", "mail.mailcow.tld"], "allowed_methods": ["POST", "GET", "DELETE", "PUT"]}] + msg: "cors_headers_edited" + description: OK + headers: { } + tags: + - Cross-Origin Resource Sharing (CORS) + description: >- + This endpoint allows you to manage Cross-Origin Resource Sharing (CORS) settings for the API. + CORS is a security feature implemented by web browsers to prevent unauthorized cross-origin requests. + By editing the CORS settings, you can specify which domains and which methods are permitted to access the API resources from outside the mailcow domain. + operationId: Edit Cross-Origin Resource Sharing (CORS) settings + requestBody: + content: + application/json: + schema: + example: + attr: + allowed_origins: ["*", "mail.mailcow.tld"] + allowed_methods: ["POST", "GET", "DELETE", "PUT"] + properties: + attr: + type: object + properties: + allowed_origins: + type: array + items: + type: string + allowed_methods: + type: array + items: + type: string + summary: Edit Cross-Origin Resource Sharing (CORS) settings tags: - name: Domains @@ -5646,3 +5690,5 @@ tags: description: Get the status of your cow - name: Ratelimits description: Edit domain ratelimits + - name: Cross-Origin Resource Sharing (CORS) + description: Manage Cross-Origin Resource Sharing (CORS) settings