List of origins that are allowed to issue requests with the custom scheme, such as XHRs and subresource requests that have an Origin header. The origin of any request (requests that have the Origin header) to the custom scheme URI needs to be in this list. No-origin requests are requests that do not have an Origin header, such as link navigations, embedded images and are always allowed. Note: POST requests always contain an Origin header, therefore AllowedOrigins must be set for even for same origin POST requests. Note that cross-origin restrictions still apply. From any opaque origin (Origin header is null), no cross-origin requests are allowed. If the list is empty, no cross-origin request to this scheme is allowed. Origins are specified as a string in the format of scheme://host:port. The origins are string pattern matched with * (matches 0 or more characters) and ? (matches 0 or 1 character) wildcards just like the URI matching in the AddWebResourceRequestedFilter API. For example, "http://*.example.com:80". Here's a set of examples of what is allowed and not:
Set the array of origins that are allowed to use the scheme.
Set this property to true if the URIs with this custom scheme will have an authority component (a host for custom schemes). Specifically, if you have a URI of the following form you should set the HasAuthorityComponent value as listed.
The name of the custom scheme to register.
Whether the sites with this scheme will be treated as a Secure Context
like an HTTPS site. This flag is only effective when HasAuthorityComponent is also set to true. false by default.
Get has authority component.
Set if the scheme will be treated as a Secure Context.