
<div dir="ltr">Hey Marc , <div><br></div><div>There is still a problem. I just installed the latest version and tried a POST , the preflight passes but the acual post failes .. check this </div><div><br></div><div>Pre-Flight : <a href="https://gist.github.com/fadiabdeen/fad62e55a3fa161f8b82">https://gist.github.com/fadiabdeen/fad62e55a3fa161f8b82</a></div><div>Post : <a href="https://gist.github.com/fadiabdeen/6990954142c936e3c54a">https://gist.github.com/fadiabdeen/6990954142c936e3c54a</a></div><div><br></div><div><br></div><div><br></div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Sat, Sep 5, 2015 at 7:29 AM, Fadi Abdin <span dir="ltr">&lt;<a href="mailto:fadiabdeen@gmail.com" target="_blank">fadiabdeen@gmail.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hey Marc, <div><br></div><div>Thanks for asking.. I did not try updating the new version to get other the GET to work.<br><div><br></div><div>Otherwise everything was perfect until Friday. and all the sudden some services start giving 500 when calling them (only in one of the environments setup). then i tried duplicating the the service and pumpup the version and it worked .. that was weird. but the cors didnt work. I did not fully invistigate whats going on but i was ready to send you an email explaining what happened after collecting more information. i&#39;m not sure why i keep having some issues like this . but if i got a chance this weekend i might send you details. </div><div><br></div><div>Thanks,</div><div>Fadi </div><div> <br></div></div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On Sat, Sep 5, 2015 at 7:20 AM, Marc Savy <span dir="ltr">&lt;<a href="mailto:msavy@redhat.com" target="_blank">msavy@redhat.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Fadi - Is this all working as expected?<br>


<div><div><br>


----- Original Message -----<br>


From: &quot;Marc Savy&quot; &lt;<a href="mailto:marc.savy@redhat.com" target="_blank">marc.savy@redhat.com</a>&gt;<br>


To: &quot;Fadi Abdin&quot; &lt;<a href="mailto:fadiabdeen@gmail.com" target="_blank">fadiabdeen@gmail.com</a>&gt;<br>


Cc: &quot;apiman-user&quot; &lt;<a href="mailto:apiman-user@lists.jboss.org" target="_blank">apiman-user@lists.jboss.org</a>&gt;<br>


Sent: Friday, 28 August, 2015 1:42:25 PM<br>


Subject: Re: [Apiman-user] HTTP Methods<br>


<br>


Should be &#39;apiman-plugins-cors-policy&#39; ; repo is &#39;apiman-plugins&#39;<br>


<br>


On 28/08/2015 13:40, Fadi Abdin wrote:<br>


&gt; latest of cors-policy-plugin?<br>


&gt;<br>


&gt; On Fri, Aug 28, 2015 at 5:53 AM, Marc Savy &lt;<a href="mailto:marc.savy@redhat.com" target="_blank">marc.savy@redhat.com</a><br>


&gt; &lt;mailto:<a href="mailto:marc.savy@redhat.com" target="_blank">marc.savy@redhat.com</a>&gt;&gt; wrote:<br>


&gt;<br>


&gt;     I think there may have been some overzealous error detection going<br>


&gt;     on. Please try out the latest master/1.1.x.<br>


&gt;<br>


&gt;<br>


&gt;     On 27/08/2015 20:02, Eric Wittmann wrote:<br>


&gt;<br>


&gt;         Hi Fadi.<br>


&gt;<br>


&gt;         It&#39;s possible this is a bug in the CORS policy or a<br>


&gt;         mis-configuration.<br>


&gt;         Hopefully Marc can respond shortly.<br>


&gt;<br>


&gt;         One thing I&#39;ll say is that you *probably* don&#39;t need to include<br>


&gt;         &quot;OPTIONS&quot; as one of the allowed CORS methods.<br>


&gt;<br>


&gt;         -Eric<br>


&gt;<br>


&gt;         On 8/27/2015 2:48 PM, Fadi Abdin wrote:<br>


&gt;          &gt; Hey Eric / Marc,<br>


&gt;          &gt;<br>


&gt;          &gt; Everything going good so far with the CORS fix but guessing<br>


&gt;         there is<br>


&gt;          &gt; something still, or maybe i&#39;m doing something wrong ( it<br>


&gt;         always happened<br>


&gt;          &gt; to me ).<br>


&gt;          &gt;<br>


&gt;          &gt; I have setup my CORS Policy in API Man and included<br>


&gt;          &gt; &quot;Access-Control-Allow-Methods&quot; :<br>


&gt;         &quot;OPTIONS&quot;,&quot;GET&quot;,&quot;POST&quot;,&quot;DELETE&quot;,&#39;PUT&quot;.<br>


&gt;          &gt;<br>


&gt;          &gt; But i get a 403 and &quot;CORS: Invalid preflight request; must<br>


&gt;         use OPTIONS<br>


&gt;          &gt; verb.&quot; on ANY service that is not GET.<br>


&gt;          &gt;<br>


&gt;          &gt; OPTIONS Header :<br>


&gt;          &gt;<br>


&gt;          &gt;       1.<br>


&gt;          &gt;          Remote Address:<br>


&gt;          &gt; <a href="http://172.26.209.66:443" rel="noreferrer" target="_blank">172.26.209.66:443</a> &lt;<a href="http://172.26.209.66:443" rel="noreferrer" target="_blank">http://172.26.209.66:443</a>&gt;<br>


&gt;         &lt;<a href="http://172.26.209.66:443" rel="noreferrer" target="_blank">http://172.26.209.66:443</a>&gt;<br>


&gt;          &gt;       2.<br>


&gt;          &gt;          Request URL:<br>


&gt;          &gt;<br>


&gt;         <a href="https://dev-internal-api.expdev.local/apiman-gateway/express/integration/1.0/test/methods/post" rel="noreferrer" target="_blank">https://dev-internal-api.expdev.local/apiman-gateway/express/integration/1.0/test/methods/post</a><br>


&gt;          &gt;       3.<br>


&gt;          &gt;          Request Method:<br>


&gt;          &gt;          OPTIONS<br>


&gt;          &gt;       4.<br>


&gt;          &gt;          Status Code:<br>


&gt;          &gt;          200 OK<br>


&gt;          &gt;   1. Response Headersview source<br>


&gt;          &gt;       1.<br>


&gt;          &gt;          Access-Control-Allow-Headers:<br>


&gt;          &gt;          Accept, Authorization, Head<br>


&gt;          &gt;       2.<br>


&gt;          &gt;          Access-Control-Allow-Methods:<br>


&gt;          &gt;          OPTIONS, GET, POST, DELETE, PUT<br>


&gt;          &gt;       3.<br>


&gt;          &gt;          Access-Control-Allow-Origin:<br>


&gt;          &gt; <a href="http://localhost:8383" rel="noreferrer" target="_blank">http://localhost:8383</a><br>


&gt;          &gt;       4.<br>


&gt;          &gt;          Access-Control-Max-Age:<br>


&gt;          &gt;          0<br>


&gt;          &gt;       5.<br>


&gt;          &gt;          Connection:<br>


&gt;          &gt;          keep-alive<br>


&gt;          &gt;       6.<br>


&gt;          &gt;          Date:<br>


&gt;          &gt;          Thu, 27 Aug 2015 18:44:39 GMT<br>


&gt;          &gt;       7.<br>


&gt;          &gt;          Server:<br>


&gt;          &gt;          WildFly/8<br>


&gt;          &gt;       8.<br>


&gt;          &gt;          Transfer-Encoding:<br>


&gt;          &gt;          chunked<br>


&gt;          &gt;       9.<br>


&gt;          &gt;          X-Powered-By:<br>


&gt;          &gt;          Undertow/1<br>


&gt;          &gt;   2. Request Headersview source<br>


&gt;          &gt;       1.<br>


&gt;          &gt;          Accept:<br>


&gt;          &gt;          */*<br>


&gt;          &gt;       2.<br>


&gt;          &gt;          Accept-Encoding:<br>


&gt;          &gt;          gzip, deflate, sdch<br>


&gt;          &gt;       3.<br>


&gt;          &gt;          Accept-Language:<br>


&gt;          &gt;          en-US,en;q=0.8,ar;q=0.6<br>


&gt;          &gt;       4.<br>


&gt;          &gt;          Access-Control-Request-Headers:<br>


&gt;          &gt;          accept, authorization<br>


&gt;          &gt;       5.<br>


&gt;          &gt;          Access-Control-Request-Method:<br>


&gt;          &gt;          POST<br>


&gt;          &gt;       6.<br>


&gt;          &gt;          Cache-Control:<br>


&gt;          &gt;          no-cache<br>


&gt;          &gt;       7.<br>


&gt;          &gt;          Connection:<br>


&gt;          &gt;          keep-alive<br>


&gt;          &gt;       8.<br>


&gt;          &gt;          Host:<br>


&gt;          &gt;          dev-internal-api.expdev.local<br>


&gt;          &gt;       9.<br>


&gt;          &gt;          Origin:<br>


&gt;          &gt; <a href="http://localhost:8383" rel="noreferrer" target="_blank">http://localhost:8383</a><br>


&gt;          &gt;      10.<br>


&gt;          &gt;          Pragma:<br>


&gt;          &gt;          no-cache<br>


&gt;          &gt;      11.<br>


&gt;          &gt;          Referer:<br>


&gt;          &gt;<br>


&gt;         <a href="http://localhost:8383/keycloak-oauth/index.html?code=1SnLPvM2b4cuXeMp3w8s-3ETKBuI7hyPFy6mRs3hMy4.677e4cee-3dd7-4d19-9268-5045d171327" rel="noreferrer" target="_blank">http://localhost:8383/keycloak-oauth/index.html?code=1SnLPvM2b4cuXeMp3w8s-3ETKBuI7hyPFy6mRs3hMy4.677e4cee-3dd7-4d19-9268-5045d171327</a><br>


&gt;          &gt;<br>


&gt;          &gt;<br>


&gt;          &gt;<br>


&gt;          &gt;<br>


&gt;          &gt; POST HEADER<br>


&gt;          &gt;<br>


&gt;          &gt;           1.<br>


&gt;          &gt;              Remote Address:<br>


&gt;          &gt; <a href="http://172.26.209.66:443" rel="noreferrer" target="_blank">172.26.209.66:443</a> &lt;<a href="http://172.26.209.66:443" rel="noreferrer" target="_blank">http://172.26.209.66:443</a>&gt;<br>


&gt;         &lt;<a href="http://172.26.209.66:443" rel="noreferrer" target="_blank">http://172.26.209.66:443</a>&gt;<br>


&gt;          &gt;           2.<br>


&gt;          &gt;              Request URL:<br>


&gt;          &gt;<br>


&gt;         <a href="https://dev-internal-api.expdev.local/apiman-gateway/express/integration/1.0/test/methods/post" rel="noreferrer" target="_blank">https://dev-internal-api.expdev.local/apiman-gateway/express/integration/1.0/test/methods/post</a><br>


&gt;          &gt;           3.<br>


&gt;          &gt;              Request Method:<br>


&gt;          &gt;              POST<br>


&gt;          &gt;           4.<br>


&gt;          &gt;              Status Code:<br>


&gt;          &gt;              403 Forbidden<br>


&gt;          &gt;       1. Response Headersview source<br>


&gt;          &gt;           1.<br>


&gt;          &gt;              Access-Control-Allow-Origin:<br>


&gt;          &gt; <a href="http://localhost:8383" rel="noreferrer" target="_blank">http://localhost:8383</a><br>


&gt;          &gt;           2.<br>


&gt;          &gt;              Connection:<br>


&gt;          &gt;              keep-alive<br>


&gt;          &gt;           3.<br>


&gt;          &gt;              Content-Length:<br>


&gt;          &gt;              195<br>


&gt;          &gt;           4.<br>


&gt;          &gt;              Content-Type:<br>


&gt;          &gt;              application/json<br>


&gt;          &gt;           5.<br>


&gt;          &gt;              Date:<br>


&gt;          &gt;              Thu, 27 Aug 2015 18:44:39 GMT<br>


&gt;          &gt;           6.<br>


&gt;          &gt;              Server:<br>


&gt;          &gt;              WildFly/8<br>


&gt;          &gt;           7.<br>


&gt;          &gt;              X-Policy-Failure-Code:<br>


&gt;          &gt;              400<br>


&gt;          &gt;           8.<br>


&gt;          &gt;              X-Policy-Failure-Message:<br>


&gt;          &gt;              CORS: Invalid preflight request; must use<br>


&gt;         OPTIONS verb.<br>


&gt;          &gt;           9.<br>


&gt;          &gt;              X-Policy-Failure-Type:<br>


&gt;          &gt;              Authorization<br>


&gt;          &gt;          10.<br>


&gt;          &gt;              X-Powered-By:<br>


&gt;          &gt;              Undertow/1<br>


&gt;          &gt;       2. Request Headersview source<br>


&gt;          &gt;           1.<br>


&gt;          &gt;              Accept:<br>


&gt;          &gt;              application/json, text/plain, */*<br>


&gt;          &gt;           2.<br>


&gt;          &gt;              Accept-Encoding:<br>


&gt;          &gt;              gzip, deflate<br>


&gt;          &gt;           3.<br>


&gt;          &gt;              Accept-Language:<br>


&gt;          &gt;              en-US,en;q=0.8,ar;q=0.6<br>


&gt;          &gt;           4.<br>


&gt;          &gt;              Authorization:<br>


&gt;          &gt;              Bearer<br>


&gt;          &gt;<br>


&gt;         eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJkYTI.................................qoQRgKQ<br>


&gt;          &gt;           5.<br>


&gt;          &gt;              Cache-Control:<br>


&gt;          &gt;              no-cache<br>


&gt;          &gt;           6.<br>


&gt;          &gt;              Connection:<br>


&gt;          &gt;              keep-alive<br>


&gt;          &gt;           7.<br>


&gt;          &gt;              Content-Length:<br>


&gt;          &gt;              0<br>


&gt;          &gt;           8.<br>


&gt;          &gt;              Host:<br>


&gt;          &gt;              dev-internal-api.expdev.local<br>


&gt;          &gt;           9.<br>


&gt;          &gt;              Origin:<br>


&gt;          &gt; <a href="http://localhost:8383" rel="noreferrer" target="_blank">http://localhost:8383</a><br>


&gt;          &gt;          10.<br>


&gt;          &gt;              Pragma:<br>


&gt;          &gt;              no-cache<br>


&gt;          &gt;          11.<br>


&gt;          &gt;<br>


&gt;          &gt; 12.<br>


&gt;          &gt;<br>


&gt;          &gt;<br>


&gt;          &gt;<br>


&gt;          &gt;<br>


&gt;          &gt; _______________________________________________<br>


&gt;          &gt; Apiman-user mailing list<br>


&gt;          &gt; <a href="mailto:Apiman-user@lists.jboss.org" target="_blank">Apiman-user@lists.jboss.org</a> &lt;mailto:<a href="mailto:Apiman-user@lists.jboss.org" target="_blank">Apiman-user@lists.jboss.org</a>&gt;<br>


&gt;          &gt; <a href="https://lists.jboss.org/mailman/listinfo/apiman-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/apiman-user</a><br>


&gt;          &gt;<br>


&gt;         _______________________________________________<br>


&gt;         Apiman-user mailing list<br>


&gt;         <a href="mailto:Apiman-user@lists.jboss.org" target="_blank">Apiman-user@lists.jboss.org</a> &lt;mailto:<a href="mailto:Apiman-user@lists.jboss.org" target="_blank">Apiman-user@lists.jboss.org</a>&gt;<br>


&gt;         <a href="https://lists.jboss.org/mailman/listinfo/apiman-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/apiman-user</a><br>


&gt;<br>


&gt;<br>


&gt;<br>


<br>


_______________________________________________<br>


Apiman-user mailing list<br>


<a href="mailto:Apiman-user@lists.jboss.org" target="_blank">Apiman-user@lists.jboss.org</a><br>


</div></div><a href="https://lists.jboss.org/mailman/listinfo/apiman-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/apiman-user</a><br>


</blockquote></div><br></div>


</div></div></blockquote></div><br></div>