[Apiman-user] HTTP Methods
Marc Savy
marc.savy at redhat.com
Fri Aug 28 05:53:05 EDT 2015
I think there may have been some overzealous error detection going on. Please try out the latest master/1.1.x.
On 27/08/2015 20:02, Eric Wittmann wrote:
> Hi Fadi.
>
> It's possible this is a bug in the CORS policy or a mis-configuration.
> Hopefully Marc can respond shortly.
>
> One thing I'll say is that you *probably* don't need to include
> "OPTIONS" as one of the allowed CORS methods.
>
> -Eric
>
> On 8/27/2015 2:48 PM, Fadi Abdin wrote:
> > Hey Eric / Marc,
> >
> > Everything going good so far with the CORS fix but guessing there is
> > something still, or maybe i'm doing something wrong ( it always happened
> > to me ).
> >
> > I have setup my CORS Policy in API Man and included
> > "Access-Control-Allow-Methods" : "OPTIONS","GET","POST","DELETE",'PUT".
> >
> > But i get a 403 and "CORS: Invalid preflight request; must use OPTIONS
> > verb." on ANY service that is not GET.
> >
> > OPTIONS Header :
> >
> > 1.
> > Remote Address:
> > 172.26.209.66:443 <http://172.26.209.66:443>
> > 2.
> > Request URL:
> > https://dev-internal-api.expdev.local/apiman-gateway/express/integration/1.0/test/methods/post
> > 3.
> > Request Method:
> > OPTIONS
> > 4.
> > Status Code:
> > 200 OK
> > 1. Response Headersview source
> > 1.
> > Access-Control-Allow-Headers:
> > Accept, Authorization, Head
> > 2.
> > Access-Control-Allow-Methods:
> > OPTIONS, GET, POST, DELETE, PUT
> > 3.
> > Access-Control-Allow-Origin:
> > http://localhost:8383
> > 4.
> > Access-Control-Max-Age:
> > 0
> > 5.
> > Connection:
> > keep-alive
> > 6.
> > Date:
> > Thu, 27 Aug 2015 18:44:39 GMT
> > 7.
> > Server:
> > WildFly/8
> > 8.
> > Transfer-Encoding:
> > chunked
> > 9.
> > X-Powered-By:
> > Undertow/1
> > 2. Request Headersview source
> > 1.
> > Accept:
> > */*
> > 2.
> > Accept-Encoding:
> > gzip, deflate, sdch
> > 3.
> > Accept-Language:
> > en-US,en;q=0.8,ar;q=0.6
> > 4.
> > Access-Control-Request-Headers:
> > accept, authorization
> > 5.
> > Access-Control-Request-Method:
> > POST
> > 6.
> > Cache-Control:
> > no-cache
> > 7.
> > Connection:
> > keep-alive
> > 8.
> > Host:
> > dev-internal-api.expdev.local
> > 9.
> > Origin:
> > http://localhost:8383
> > 10.
> > Pragma:
> > no-cache
> > 11.
> > Referer:
> > http://localhost:8383/keycloak-oauth/index.html?code=1SnLPvM2b4cuXeMp3w8s-3ETKBuI7hyPFy6mRs3hMy4.677e4cee-3dd7-4d19-9268-5045d171327
> >
> >
> >
> >
> > POST HEADER
> >
> > 1.
> > Remote Address:
> > 172.26.209.66:443 <http://172.26.209.66:443>
> > 2.
> > Request URL:
> > https://dev-internal-api.expdev.local/apiman-gateway/express/integration/1.0/test/methods/post
> > 3.
> > Request Method:
> > POST
> > 4.
> > Status Code:
> > 403 Forbidden
> > 1. Response Headersview source
> > 1.
> > Access-Control-Allow-Origin:
> > http://localhost:8383
> > 2.
> > Connection:
> > keep-alive
> > 3.
> > Content-Length:
> > 195
> > 4.
> > Content-Type:
> > application/json
> > 5.
> > Date:
> > Thu, 27 Aug 2015 18:44:39 GMT
> > 6.
> > Server:
> > WildFly/8
> > 7.
> > X-Policy-Failure-Code:
> > 400
> > 8.
> > X-Policy-Failure-Message:
> > CORS: Invalid preflight request; must use OPTIONS verb.
> > 9.
> > X-Policy-Failure-Type:
> > Authorization
> > 10.
> > X-Powered-By:
> > Undertow/1
> > 2. Request Headersview source
> > 1.
> > Accept:
> > application/json, text/plain, */*
> > 2.
> > Accept-Encoding:
> > gzip, deflate
> > 3.
> > Accept-Language:
> > en-US,en;q=0.8,ar;q=0.6
> > 4.
> > Authorization:
> > Bearer
> > eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJkYTI.................................qoQRgKQ
> > 5.
> > Cache-Control:
> > no-cache
> > 6.
> > Connection:
> > keep-alive
> > 7.
> > Content-Length:
> > 0
> > 8.
> > Host:
> > dev-internal-api.expdev.local
> > 9.
> > Origin:
> > http://localhost:8383
> > 10.
> > Pragma:
> > no-cache
> > 11.
> >
> > 12.
> >
> >
> >
> >
> > _______________________________________________
> > Apiman-user mailing list
> > Apiman-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/apiman-user
> >
> _______________________________________________
> Apiman-user mailing list
> Apiman-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/apiman-user
>
More information about the Apiman-user
mailing list