I have setup some API for angular consumption, but I get CORS issues from prefligth options. I set up an API for OPTIONS and an API for POST.
Reading here and there, I got this:
<property description="Request-Headers" name="Access-Control-Request-Headers" scope="transport" type="STRING" value="*"/>
<property description="Allow-Methods" name="Access-Control-Allow-Methods" scope="transport" type="STRING" value="OPTIONS POST"/>
<property description="Allow-Headers" name="Access-Control-Allow-Headers" scope="transport" type="STRING" value="*"/>
<property description="Allow-Origin" name="Access-Control-Allow-Origin" scope="transport" type="STRING" value="*"/>
<property description="application-json" name="ContentType" scope="axis2" type="STRING" value="application/json"/>
<property description="RESPONSE" name="RESPONSE" scope="default" type="STRING" value="true"/>
The request get property logged to a log mediator to the option api, but when I test the api, my configuration isn't set:
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods:
Access-Control-Request-Headers: *
Host: localhost:8290
Access-Control-Allow-Headers: content-type
Content-Type: text/plain; charset=UTF-8
Date: Tue, 10 Nov 2020 01:17:25 GMT
Transfer-Encoding: chunked
{
"status": "ok"
}
Specifically Allow-Methods is my principal concern
The easiest way I found, was to leverage cors authentication to nginx, and use nginx as loadbalancer infront of wso2...