If I understand your questions correctly: by default CORS does not allow
any custom headers to be sent in the request. This means that Apiman does
not receive the X-API-Key header and necessarily can't figure out how to
route the request. The same CORS restriction does not exist with query
parameters so if you provide it with the query param you'll be okay.
Perhaps a (partial) solution to some of these kinds of CORS issues is for
Apiman to always indicate that the X-API-Key header is allowed.
Regards,
Marc
On 27 September 2017 at 05:35, Celso Agra <celso.agra(a)gmail.com> wrote:
Hi all,
I got some errors with CORS plugin when I try to use my API with a
contract.
So, I consume my API passing info through header, such as: Authorization,
Content-Type, and X-API-Key.
I'm talking about a javascript application. So, CORS is a problem for that
language.
When I configure my contract to allow Cross-Origin, the error still there,
but if I put my X-API-Key, as a query parameter, the CORS works fine.
Does anyone could help me to understand that?
I'm concerned to pass my contract as a query parameter. It should be on
Header of my Http Request.
Please, help me to understand if it is a behaviour of the application and
how can I solve this without use query param.
Best Regards,
--
---
*Celso Agra*
_______________________________________________
Apiman-user mailing list
Apiman-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/apiman-user