CA Live API Creator: CORS error while invoking custom endpoint
Article ID: 74937
Updated On:
Products
CA API Gateway (Layer 7)
SA94 to API SECURITY
STARTER PACK-7
CA Rapid App Security
MOBILE API GATEWAY
CA Mobile - API Gateway
CA API Gateway
Issue/Introduction
When invoking a custom endpoint you may receive the below error:
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
Environment
Release:
Component: APILAC
Component: APILAC
Resolution
LAC versions up to 4.0 does not allow for extraneous headers to fully support this type of CORS request.
Starting with LAC 4.1, you have complete flexibility to handle CORS in any way you want.
https://docops.ca.com/ca-live-api-creator/4-1/en/developing-apis/extensibility/event-handlers/
Starting with LAC 4.1, you have complete flexibility to handle CORS in any way you want.
https://docops.ca.com/ca-live-api-creator/4-1/en/developing-apis/extensibility/event-handlers/
Feedback
Yes
No
Powered by
