[Apiman-user] HTTP Methods
Marc Savy
msavy at redhat.com
Sat Sep 5 07:20:17 EDT 2015
Fadi - Is this all working as expected?
----- Original Message -----
From: "Marc Savy" <marc.savy at redhat.com>
To: "Fadi Abdin" <fadiabdeen at gmail.com>
Cc: "apiman-user" <apiman-user at lists.jboss.org>
Sent: Friday, 28 August, 2015 1:42:25 PM
Subject: Re: [Apiman-user] HTTP Methods
Should be 'apiman-plugins-cors-policy' ; repo is 'apiman-plugins'
On 28/08/2015 13:40, Fadi Abdin wrote:
> latest of cors-policy-plugin?
>
> On Fri, Aug 28, 2015 at 5:53 AM, Marc Savy <marc.savy at redhat.com
> <mailto:marc.savy at redhat.com>> wrote:
>
> I think there may have been some overzealous error detection going
> on. Please try out the latest master/1.1.x.
>
>
> On 27/08/2015 20:02, Eric Wittmann wrote:
>
> Hi Fadi.
>
> It's possible this is a bug in the CORS policy or a
> mis-configuration.
> Hopefully Marc can respond shortly.
>
> One thing I'll say is that you *probably* don't need to include
> "OPTIONS" as one of the allowed CORS methods.
>
> -Eric
>
> On 8/27/2015 2:48 PM, Fadi Abdin wrote:
> > Hey Eric / Marc,
> >
> > Everything going good so far with the CORS fix but guessing
> there is
> > something still, or maybe i'm doing something wrong ( it
> always happened
> > to me ).
> >
> > I have setup my CORS Policy in API Man and included
> > "Access-Control-Allow-Methods" :
> "OPTIONS","GET","POST","DELETE",'PUT".
> >
> > But i get a 403 and "CORS: Invalid preflight request; must
> use OPTIONS
> > verb." on ANY service that is not GET.
> >
> > OPTIONS Header :
> >
> > 1.
> > Remote Address:
> > 172.26.209.66:443 <http://172.26.209.66:443>
> <http://172.26.209.66:443>
> > 2.
> > Request URL:
> >
> https://dev-internal-api.expdev.local/apiman-gateway/express/integration/1.0/test/methods/post
> > 3.
> > Request Method:
> > OPTIONS
> > 4.
> > Status Code:
> > 200 OK
> > 1. Response Headersview source
> > 1.
> > Access-Control-Allow-Headers:
> > Accept, Authorization, Head
> > 2.
> > Access-Control-Allow-Methods:
> > OPTIONS, GET, POST, DELETE, PUT
> > 3.
> > Access-Control-Allow-Origin:
> > http://localhost:8383
> > 4.
> > Access-Control-Max-Age:
> > 0
> > 5.
> > Connection:
> > keep-alive
> > 6.
> > Date:
> > Thu, 27 Aug 2015 18:44:39 GMT
> > 7.
> > Server:
> > WildFly/8
> > 8.
> > Transfer-Encoding:
> > chunked
> > 9.
> > X-Powered-By:
> > Undertow/1
> > 2. Request Headersview source
> > 1.
> > Accept:
> > */*
> > 2.
> > Accept-Encoding:
> > gzip, deflate, sdch
> > 3.
> > Accept-Language:
> > en-US,en;q=0.8,ar;q=0.6
> > 4.
> > Access-Control-Request-Headers:
> > accept, authorization
> > 5.
> > Access-Control-Request-Method:
> > POST
> > 6.
> > Cache-Control:
> > no-cache
> > 7.
> > Connection:
> > keep-alive
> > 8.
> > Host:
> > dev-internal-api.expdev.local
> > 9.
> > Origin:
> > http://localhost:8383
> > 10.
> > Pragma:
> > no-cache
> > 11.
> > Referer:
> >
> http://localhost:8383/keycloak-oauth/index.html?code=1SnLPvM2b4cuXeMp3w8s-3ETKBuI7hyPFy6mRs3hMy4.677e4cee-3dd7-4d19-9268-5045d171327
> >
> >
> >
> >
> > POST HEADER
> >
> > 1.
> > Remote Address:
> > 172.26.209.66:443 <http://172.26.209.66:443>
> <http://172.26.209.66:443>
> > 2.
> > Request URL:
> >
> https://dev-internal-api.expdev.local/apiman-gateway/express/integration/1.0/test/methods/post
> > 3.
> > Request Method:
> > POST
> > 4.
> > Status Code:
> > 403 Forbidden
> > 1. Response Headersview source
> > 1.
> > Access-Control-Allow-Origin:
> > http://localhost:8383
> > 2.
> > Connection:
> > keep-alive
> > 3.
> > Content-Length:
> > 195
> > 4.
> > Content-Type:
> > application/json
> > 5.
> > Date:
> > Thu, 27 Aug 2015 18:44:39 GMT
> > 6.
> > Server:
> > WildFly/8
> > 7.
> > X-Policy-Failure-Code:
> > 400
> > 8.
> > X-Policy-Failure-Message:
> > CORS: Invalid preflight request; must use
> OPTIONS verb.
> > 9.
> > X-Policy-Failure-Type:
> > Authorization
> > 10.
> > X-Powered-By:
> > Undertow/1
> > 2. Request Headersview source
> > 1.
> > Accept:
> > application/json, text/plain, */*
> > 2.
> > Accept-Encoding:
> > gzip, deflate
> > 3.
> > Accept-Language:
> > en-US,en;q=0.8,ar;q=0.6
> > 4.
> > Authorization:
> > Bearer
> >
> eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJkYTI.................................qoQRgKQ
> > 5.
> > Cache-Control:
> > no-cache
> > 6.
> > Connection:
> > keep-alive
> > 7.
> > Content-Length:
> > 0
> > 8.
> > Host:
> > dev-internal-api.expdev.local
> > 9.
> > Origin:
> > http://localhost:8383
> > 10.
> > Pragma:
> > no-cache
> > 11.
> >
> > 12.
> >
> >
> >
> >
> > _______________________________________________
> > Apiman-user mailing list
> > Apiman-user at lists.jboss.org <mailto:Apiman-user at lists.jboss.org>
> > https://lists.jboss.org/mailman/listinfo/apiman-user
> >
> _______________________________________________
> Apiman-user mailing list
> Apiman-user at lists.jboss.org <mailto:Apiman-user at lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/apiman-user
>
>
>
_______________________________________________
Apiman-user mailing list
Apiman-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/apiman-user
More information about the Apiman-user
mailing list