CA Live API Creator: CORS error while invoking custom endpoint
book
Article ID: 74937
calendar_today
Updated On:
Products
CA API Gateway (Layer 7)SA94 to API SECURITYSTARTER PACK-7CA Rapid App SecurityMOBILE API GATEWAYCA Mobile - API GatewayCA API Gateway
Issue/Introduction
When invoking a custom endpoint you may receive the below error:
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
Environment
Release: Component: APILAC
Resolution
LAC versions up to 4.0 does not allow for extraneous headers to fully support this type of CORS request. Starting with LAC 4.1, you have complete flexibility to handle CORS in any way you want.