<div dir="ltr"><div>Hi Scott,</div><div><br></div>This is a symptom of an issue that was fixed in the latest verions of apiman, please upgrade to 1.3.1.Final if possible and let me know if everything seems to be working fine.</div><div class="gmail_extra"><br><div class="gmail_quote">On 26 September 2017 at 17:15, Scott Elliott <span dir="ltr"><<a href="mailto:scottpelliott@gmail.com" target="_blank">scottpelliott@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Something wrong with io.apiman.gateway.engine.<wbr>beans.util.<wbr>CaseInsensitiveStringMultiMap.<wbr> The response headers start off with:<div><br></div><div>[Server=Jetty(9.2.19.<wbr>v20160908), null, null, Date=Tue, 26 Sep 2017 16:08:00 GMT, null, Content-Type=text/html; charset=ISO-8859-1, null, null, null, X-RateMonitor-Limit=1000, null, WWW-Authenticate=Bearer realm="mytest", error="invalid_token", error_description="Token is not active", X-RateMonitor-Remaining=998, null, null, null, X-RateMonitor-Reset=3119, null, null, null, null, null, null, null, null, null, null, null, null, null, null, Cache-Control=must-revalidate,<wbr>no-cache,no-store]<br></div><div><br></div><div>and after the CORS headers are merged, it's:</div><div><br></div><div>{Access-Control-Allow-<wbr>Credentials => [true, Bearer realm="mytest", error="invalid_token", error_description="Token is not active"], Access-Control-Allow-Origin => [<a href="http://blah.com" target="_blank">http://blah.com</a>, Jetty(9.2.19.v20160908)], Cache-Control => [must-revalidate,no-cache,no-<wbr>store], Content-Type => [text/html; charset=ISO-8859-1], Date => [Tue, 26 Sep 2017 16:08:00 GMT], Server => [Jetty(9.2.19.v20160908)], WWW-Authenticate => [Bearer realm="mytest", error="invalid_token", error_description="Token is not active"], X-RateMonitor-Limit => [1000], X-RateMonitor-Remaining => [998], X-RateMonitor-Reset => [3119]}<br></div><div><br></div><div>The "Server" value and the Access-Control-Allow-Origin are somehow merged.</div></div><div class="HOEnZb"><div class="h5"><br><div class="gmail_quote"><div dir="ltr">On Tue, Sep 26, 2017 at 11:56 AM Scott Elliott <<a href="mailto:scottpelliott@gmail.com" target="_blank">scottpelliott@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">1.2.8.Final</div><br><div class="gmail_quote"><div dir="ltr">On Tue, Sep 26, 2017 at 8:04 AM Marc Savy <<a href="mailto:marc.savy@redhat.com" target="_blank">marc.savy@redhat.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi Scott,<div><br></div><div>Which version of Apiman are you using?</div><div><br></div><div>Regards,</div><div>Marc</div></div><div class="gmail_extra"><br><div class="gmail_quote"></div></div><div class="gmail_extra"><div class="gmail_quote">On 26 September 2017 at 00:10, Scott Elliott <span dir="ltr"><<a href="mailto:scottpelliott@gmail.com" target="_blank">scottpelliott@gmail.com</a>></span> wrote:<br></div></div><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Why, when the CORS policy plugin is used, do I get multiple Access-Control-Allow-Origin headers in the response. From curl:<div><br></div><div>Origin: <a href="http://blah.com" target="_blank">http://blah.com</a></div><div><br></div><div>Access-Control-Allow-Origin: <a href="http://blah.com" target="_blank">http://blah.com</a></div><div>Access-Control-Allow-Origin: Jetty(9.2.19.v20160908)</div><div><br></div><div>Chrome does not like the multiple headers, so the API request fails.</div><div><br></div><div><br></div><div><div><br></div><div><br></div></div></div>
<br></blockquote></div></div><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">______________________________<wbr>_________________<br>
Apiman-user mailing list<br>
<a href="mailto:Apiman-user@lists.jboss.org" target="_blank">Apiman-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/apiman-user" rel="noreferrer" target="_blank">https://lists.jboss.org/<wbr>mailman/listinfo/apiman-user</a><br>
<br></blockquote></div><br></div>
</blockquote></div></blockquote></div>
</div></div></blockquote></div><br></div>