{ Community }
  • Academy
  • Docs
  • Developers
  • Resources
    • Community Articles
    • Apigee on GitHub
    • Code Samples
    • Videos & eBooks
    • Accelerator Methodology
  • Support
  • Ask a Question
  • Spaces
    • Product Announcements
    • General
    • Edge/API Management
    • Developer Portal (Drupal-based)
    • Developer Portal (Integrated)
    • API Design
    • APIM on Istio
    • Extensions
    • Business of APIs
    • Academy/Certification
    • Analytics
    • Events
    • Hybrid
    • Integration (AWS, PCF, Etc.)
    • Microgateway
    • Monetization
    • Private Cloud Deployment
    • Insights
    • IoT Apigee Link
    • BaaS/Usergrid
    • BaaS Transition/Migration
    • Apigee-127
    • New Customers
    • Topics
    • Questions
    • Articles
    • Ideas
    • Leaderboard
    • Badges
  • Log in
  • Sign up

Get answers, ideas, and support from the Apigee Community

  • Home /
  • General /
avatar image
0
Question by Daniel Gerep · Nov 01, 2016 at 12:49 PM · 408 Views api proxyjavascriptheaderscorsrequestsheaderrequest header

CORS on APIStudio but not on APIAry

Hello good people!

I'm using APIStudio and I'm trying to reach my server but it always returns a CORS problem.

The weird part is that the same YAML on APIAry works! Only on APISudio I get a missing Access-Control-Allow-Origin.

I have a policy for CORS:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AssignMessage async="false" continueOnError="false" enabled="true" name="add-cors">
    <DisplayName>Add CORS</DisplayName>
    <FaultRules/>
    <Properties/>
    <Add>
        <Headers>
            <Header name="Access-Control-Allow-Origin">*</Header>
            <Header name="Access-Control-Allow-Headers">*</Header>
            <Header name="Access-Control-Max-Age">3628800</Header>
            <Header name="Access-Control-Allow-Methods">GET, PUT, POST, DELETE</Header>
        </Headers>
    </Add>
    <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
    <AssignTo createNew="false" transport="https" type="response"/>
</AssignMessage>

This is what I have in my console:

vendor.js:3 OPTIONS https://ml_corp-dev.apigee.net/v1/transports/ordersdraft send @ vendor.js:3ajax @ vendor.js:3y @ scripts.js:2fn @ VM13909:4e @ vendor.js:8$eval @ vendor.js:6$apply @ vendor.js:6(anonymous function) @ vendor.js:8dispatch @ vendor.js:2q.handle @ vendor.js:2
/a671b05a-09c8-43a5-95ab-678f655e7967/#/:1 XMLHttpRequest cannot load https://ml_corp-dev.apigee.net/v1/transports/ordersdraft. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://playground.apistudio.io' is therefore not allowed access. The response had HTTP status code 401.
Comment
Add comment
10 |5000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by Apigeeks only
  • Viewable by the original poster
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Close

1 Answer

  • Sort: 
avatar image
0

Answer by sim.maun · Nov 15, 2016 at 03:31 PM

Hi,

I am facing the same issue from API Studio. I have attached the same Cors policy in the target endpoint response as suggested and I still see this error.

I am keeping a keen eye on this thread incase anyone from apigee team responds.

Regards,

S

Comment
Add comment Show 1 · Link
10 |5000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by Apigeeks only
  • Viewable by the original poster
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users
avatar image Daniel Gerep · Nov 16, 2016 at 10:53 AM 0
Link

Hi @sim.maun! The only way I found to solve this was installing this Chrome extension

With this extension you will be able to disable CORS.

Follow this Question

Answers Answers and Comments

28 People are following this question.

avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image

Related Questions

Headers with ',' in Javascript 2 Answers

How to check for FileTypes and set the Cors origin 1 Answer

Header values from UI angular application is not reaching the API proxy 1 Answer

How do you add headers when making a request in a trace session? 2 Answers

When a response passes through Apigee from target server, the header Cache-Control gets dropped. What should be the reason behind this ? 1 Answer

  • Products
    • Edge - APIs
    • Insights - Big Data
    • Plans
  • Developers
    • Overview
    • Documentation
  • Resources
    • Overview
    • Blog
    • Apigee Institute
    • Academy
    • Documentation
  • Company
    • Overview
    • Press
    • Customers
    • Partners
    • Team
    • Events
    • Careers
    • Contact Us
  • Support
    • Support Overview
    • Documentation
    • Status
    • Edge Support Portal
    • Privacy Policy
    • Terms & Conditions
© 2019 Apigee Corp. All rights reserved. - Apigee Community Terms of Use - Powered by AnswerHub
  • Anonymous
  • Sign in
  • Create
  • Ask a question
  • Create an article
  • Post an idea
  • Spaces
  • Product Announcements
  • General
  • Edge/API Management
  • Developer Portal (Drupal-based)
  • Developer Portal (Integrated)
  • API Design
  • APIM on Istio
  • Extensions
  • Business of APIs
  • Academy/Certification
  • Analytics
  • Events
  • Hybrid
  • Integration (AWS, PCF, Etc.)
  • Microgateway
  • Monetization
  • Private Cloud Deployment
  • Insights
  • IoT Apigee Link
  • BaaS/Usergrid
  • BaaS Transition/Migration
  • Apigee-127
  • New Customers
  • Explore
  • Topics
  • Questions
  • Articles
  • Ideas
  • Members
  • Badges