Calling Api using Open Api Specs shows error Fails to Fetch

Here when i hit api using POSTMAN it works fine but as i use open api specs, hits api it show error Failed to fetch.

See screenshot:

6753-error.png

Error in Console is:

nikhilpurohit-eval-test.apigee.net/v1/corsconversion Failed to load resource: the server responded with a status of 404 (Resource not found) c3Rvc-ZG9j-76984:1 Failed to load https://nikhilpurohit-eval-test.apigee.net/v1/corsconversion: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://apigee.com' is therefore not allowed access.

The response had HTTP status code 404. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

I attached my revision copy as well as ope api specs

corsconversion-rev1-2018-04-13.zip

openspecs.txt

Thanks

Nikhil Purohit

0 10 3,440
10 REPLIES 10

Not applicable

Hi Nikhil, this happened to me as well but only with "http", for "https" i am getting the expected response.

But for me both giving same error

Hello @Nikhil Purohit,

This happens to me as well due to CORS headers that is not being sent from Swagger editor. Could you please upload your spec in developer portal or console location from where you could able to make call.

Let me know if this works.

Thanks,

Karthik

Ya i did this but still it showing same. i already attached OpenSpec so you can use it and resolve bug

Let me check

revision is also attached

Yes, you need to enable CORS for your proxies.

I used a Shared Flow for CORSPreFlow and CORSPostFlow, then add those as Flow Hooks on PreProxy and PostProxy. That way I don't have to mess with each of my proxies.

The PreFlow extracts the headers and assigns them to the response via a RaiseFault on OPTIONS.

You will need to adjust your fault rules if you use them, to ignore the Raise Fault (RF-CORS-Pre-Flight), but you could use a Shared Flow for fault rules too.

See attached.

corspreflow-rev1-2018-04-13.zip

corspostflow-rev1-2018-04-13.zip

@Nikhil Purohit

I looked at your code, the proxy definition needed some changes, please update your code with the following

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ProxyEndpoint name="default">
    <Description/>
    <PreFlow name="PreFlow">
        <Request>
            <Step>
                <Name>JavaScript-1</Name>
                <Condition>request.verb != "OPTIONS"</Condition>
            </Step>
        </Request>
        <Response/>
    </PreFlow>
    <Flows>
        <Flow name="OptionsPreFlight">
            <Request/>
            <Response>
                <Step>
                    <Name>add-cors</Name>
                </Step>
            </Response>
            <Condition>request.verb == "OPTIONS" AND request.header.origin != null AND request.header.Access-Control-Request-Method != null</Condition>
        </Flow>
    </Flows>
    <PostFlow name="PostFlow">
        <Request/>
        <Response/>
    </PostFlow>
    <HTTPProxyConnection>
        <BasePath>/v1/corsconversion</BasePath>
        <Properties/>
        <VirtualHost>default</VirtualHost>
        <VirtualHost>secure</VirtualHost>
    </HTTPProxyConnection>
    <RouteRule name="NoRoute">
        <Condition>request.verb == "OPTIONS" AND request.header.origin != null AND request.header.Access-Control-Request-Method != null</Condition>
    </RouteRule>
    <RouteRule name="default">
        <TargetEndpoint>default</TargetEndpoint>
    </RouteRule>
</ProxyEndpoint>

There were issues with the NoRoute RouteRule, you had a <Flows/> tag after the Flow and few others. I was able to make a call from the CORS tester (https://www.test-cors.org) and it worked. However it did not work from the spec editor. I tried the same from editor.swagger.io as well. I was seeing an error. Looks like its an issue with the editor. However the response works as expected

@marshg - would you be able to help with the error we see in the spec editor ?