A client-side javascript app is performing the following request:

DELETE /apiman-gateway/org/service/1.1/resource/7 HTTP/1.1
Host: 172.17.0.1:8080
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:47.0) Gecko/20100101 Firefox/47.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Authorization: Bearer $ACCESS_TOKEN
Referer: http://172.17.0.1:3000/
Origin: http://172.17.0.1:3000
Connection: keep-alive

But the gateway is performing the following request to the endpoint:

DELETE /service/rest/resource/7 HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Origin: http://172.17.0.1:3000
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Authorization: Bearer $ACCESS_TOKEN
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/msword, application/vnd.ms-powerpoint, */*
Referer: http://172.17.0.1:3000/
Host: 172.17.0.1:8280
Content-Type: application/x-www-form-urlencoded
Content-Length: 0

Resulting in a 415 Unsupported Media Type at the endpoint.

GET, POST and PUT requests are OK.

Only using CORS Policy for this endpoint:

Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: accept, authrotization, content-type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Max-Age: 3600