Added CORS documentation for v3.5

docs/_docs/getting-started/configuration.md

@@ -239,6 +239,20 @@ alpine.ldap.team.synchronization=false
 # alpine.http.proxy.username=
 # alpine.http.proxy.password=
 
+# Optional
+# Cross-Origin Resource Sharing (CORS) headers to include in REST responses.
+# If 'alpine.cors.enabled' is true, CORS headers will be sent, if false, no
+# CORS headers will be sent.
+# See Also: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
+# The following are default values
+#alpine.cors.enabled=true
+#alpine.cors.allow.origin=*
+#alpine.cors.allow.methods=GET POST PUT DELETE OPTIONS
+#alpine.cors.allow.headers=Origin, Content-Type, Authorization, X-Requested-With, Content-Length, Accept, Origin, X-Api-Key, X-Total-Count, *
+#alpine.cors.expose.headers=Origin, Content-Type, Authorization, X-Requested-With, Content-Length, Accept, Origin, X-Api-Key, X-Total-Count
+#alpine.cors.allow.credentials=true
+#alpine.cors.max.age=3600
+
 ####################### Dependency-Track Configuration ######################
 
 # Optional

docs/_docs/getting-started/deploy-docker.md

@@ -72,6 +72,15 @@ services:
     # - ALPINE_HTTP_PROXY_PORT=8888
     # - ALPINE_HTTP_PROXY_USERNAME=
     # - ALPINE_HTTP_PROXY_PASSWORD=
+    #
+    # Optional Cross-Origin Resource Sharing (CORS) Headers
+    # - ALPINE_CORS_ENABLED=true
+    # - ALPINE_CORS_ALLOW_ORIGIN=*
+    # - ALPINE_CORS_ALLOW_METHODS=GET POST PUT DELETE OPTIONS
+    # - ALPINE_CORS_ALLOW_HEADERS=Origin, Content-Type, Authorization, X-Requested-With, Content-Length, Accept, Origin, X-Api-Key, X-Total-Count, *
+    # - ALPINE_CORS_EXPOSE_HEADERS=Origin, Content-Type, Authorization, X-Requested-With, Content-Length, Accept, Origin, X-Api-Key, X-Total-Count
+    # - ALPINE_CORS_ALLOW_CREDENTIALS=true
+    # - ALPINE_CORS_MAX_AGE=3600
     image: 'owasp/dependency-track'
     ports:
     - '80:8080'