[Apiman-user] How to configure CORS in APIMan? Problems with Headers in ajax
Marc Savy
marc.savy at redhat.com
Mon Jan 2 15:04:29 EST 2017
I addressed this for Celso over JIRA.
Summary:
- In general, if you're using CORS you should probably use the query
parameter to transmit your access token (if you have one). This is because
of a limitation to CORS preflight request phase which never transmits
custom headers.
- A separate issue was a bug (now fixed on master) where a data structure
would cause certain header-value fields to be mixed up in specific
circumstances.
On 28 December 2016 at 14:10, Celso Agra <celso.agra at gmail.com> wrote:
> Hi all,
>
> It's me again!
> So, I was looking for some solutions about my issue, and I found this:
> https://issues.jboss.org/browse/APIMAN-516
>
> It seems this issue still occurs with me. I tries to send some headers via
> ajax, and get this response:
>
>> XMLHttpRequest cannot load https://apiman.url. Response to preflight
>> request doesn't pass access control check: No 'Access-Control-Allow-Origin'
>> header is present on the requested resource. Origin '
>> http://192.168.56.22:8080' is therefore not allowed access. The response
>> had HTTP status code 500.
>
>
> Here is the Response Headers:
>
>> Connection:close
>> Content-Type:application/json
>> Date:Wed, 28 Dec 2016 13:54:08 GMT
>> Server:Apache/2.4.18 (Ubuntu)
>> Transfer-Encoding:chunked
>> X-Gateway-Error:API not public.
>> X-Powered-By:Undertow/1
>
>
> and
>
> Here is the Request Headers:
>
>> Accept:*/*
>> Accept-Encoding:gzip, deflate, sdch, br
>> Accept-Language:pt-BR,pt;q=0.8,en-US;q=0.6,en;q=0.4
>> Access-Control-Request-Headers:authorization, x-api-key
>> Access-Control-Request-Method:GET
>> Connection:keep-alive
>> Host: apiman.url
>> Origin:http://192.168.56.22:8080
>> Referer:http://192.168.56.22:8080/app
>> User-Agent:Mozilla/5.0 ...
>> Query String Parameters
>> view source
>> view URL encoded
>
>
> Does anyone has the same problem?
>
> Best regards,
>
> --
> ---
> *Celso Agra*
>
> _______________________________________________
> Apiman-user mailing list
> Apiman-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/apiman-user
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20170102/f3c9a702/attachment.html
More information about the Apiman-user
mailing list