[Apiman-user] HTTP Methods
Fadi Abdin
fadiabdeen at gmail.com
Thu Aug 27 14:48:55 EDT 2015
Hey Eric / Marc,
Everything going good so far with the CORS fix but guessing there is
something still, or maybe i'm doing something wrong ( it always happened to
me ).
I have setup my CORS Policy in API Man and included
"Access-Control-Allow-Methods" : "OPTIONS","GET","POST","DELETE",'PUT".
But i get a 403 and "CORS: Invalid preflight request; must use OPTIONS
verb." on ANY service that is not GET.
OPTIONS Header :
1. Remote Address:
172.26.209.66:443
2. Request URL:
https://dev-internal-api.expdev.local/apiman-gateway/express/integration/1.0/test/methods/post
3. Request Method:
OPTIONS
4. Status Code:
200 OK
1. Response Headersview source
1. Access-Control-Allow-Headers:
Accept, Authorization, Head
2. Access-Control-Allow-Methods:
OPTIONS, GET, POST, DELETE, PUT
3. Access-Control-Allow-Origin:
http://localhost:8383
4. Access-Control-Max-Age:
0
5. Connection:
keep-alive
6. Date:
Thu, 27 Aug 2015 18:44:39 GMT
7. Server:
WildFly/8
8. Transfer-Encoding:
chunked
9. X-Powered-By:
Undertow/1
2. Request Headersview source
1. Accept:
*/*
2. Accept-Encoding:
gzip, deflate, sdch
3. Accept-Language:
en-US,en;q=0.8,ar;q=0.6
4. Access-Control-Request-Headers:
accept, authorization
5. Access-Control-Request-Method:
POST
6. Cache-Control:
no-cache
7. Connection:
keep-alive
8. Host:
dev-internal-api.expdev.local
9. Origin:
http://localhost:8383
10. Pragma:
no-cache
11. Referer:
http://localhost:8383/keycloak-oauth/index.html?code=1SnLPvM2b4cuXeMp3w8s-3ETKBuI7hyPFy6mRs3hMy4.677e4cee-3dd7-4d19-9268-5045d171327
POST HEADER
1. Remote Address:
172.26.209.66:443
2. Request URL:
https://dev-internal-api.expdev.local/apiman-gateway/express/integration/1.0/test/methods/post
3. Request Method:
POST
4. Status Code:
403 Forbidden
1. Response Headersview source
1. Access-Control-Allow-Origin:
http://localhost:8383
2. Connection:
keep-alive
3. Content-Length:
195
4. Content-Type:
application/json
5. Date:
Thu, 27 Aug 2015 18:44:39 GMT
6. Server:
WildFly/8
7. X-Policy-Failure-Code:
400
8. X-Policy-Failure-Message:
CORS: Invalid preflight request; must use OPTIONS verb.
9. X-Policy-Failure-Type:
Authorization
10. X-Powered-By:
Undertow/1
2. Request Headersview source
1. Accept:
application/json, text/plain, */*
2. Accept-Encoding:
gzip, deflate
3. Accept-Language:
en-US,en;q=0.8,ar;q=0.6
4. Authorization:
Bearer
eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJkYTI.................................qoQRgKQ
5. Cache-Control:
no-cache
6. Connection:
keep-alive
7. Content-Length:
0
8. Host:
dev-internal-api.expdev.local
9. Origin:
http://localhost:8383
10. Pragma:
no-cache
11.
12.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20150827/2a8f5b9c/attachment-0001.html
More information about the Apiman-user
mailing list