Hello good people!

I'm using APIStudio and I'm trying to reach my server but it always returns a CORS problem.

The weird part is that the same YAML on APIAry works! Only on APISudio I get a missing Access-Control-Allow-Origin.

I have a policy for CORS:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AssignMessage async="false" continueOnError="false" enabled="true" name="add-cors">
    <DisplayName>Add CORS</DisplayName>
    <FaultRules/>
    <Properties/>
    <Add>
        <Headers>
            <Header name="Access-Control-Allow-Origin">*</Header>
            <Header name="Access-Control-Allow-Headers">*</Header>
            <Header name="Access-Control-Max-Age">3628800</Header>
            <Header name="Access-Control-Allow-Methods">GET, PUT, POST, DELETE</Header>
        </Headers>
    </Add>
    <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
    <AssignTo createNew="false" transport="https" type="response"/>
</AssignMessage>

This is what I have in my console:

vendor.js:3 OPTIONS https://ml_corp-dev.apigee.net/v1/transports/ordersdraft send @ vendor.js:3ajax @ vendor.js:3y @ scripts.js:2fn @ VM13909:4e @ vendor.js:8$eval @ vendor.js:6$apply @ vendor.js:6(anonymous function) @ vendor.js:8dispatch @ vendor.js:2q.handle @ vendor.js:2
/a671b05a-09c8-43a5-95ab-678f655e7967/#/:1 XMLHttpRequest cannot load https://ml_corp-dev.apigee.net/v1/transports/ordersdraft. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://playground.apistudio.io' is therefore not allowed access. The response had HTTP status code 401.