Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-6556

Add configurable Access-Control-Max-Age header to CORS policy

    XMLWordPrintable

Description

    CORS policy is great and easy to use to enable CORS requests. It would be even better, if also browser caching of the CORS response would be enabled / configurable. Therefore the standard header 'Access-Control-Max-Age' should be available in CORS policy.

    Version
    all / latest

    Current Result
    Only the following headers are set:

    Access-Control-Allow-Headers
    Access-Control-Allow-Methods
    Access-Control-Allow-Origin
    Access-Control-Allow-Credentials

    Max Age is missing and would help to avoid unnecessary OPTIONS calls before every request.

    Expected Result
    Add a configurable (maybe default 600) Access-Control-Max-Age Header to CORS Response

    Attachments

      Activity

        People

          Unassigned Unassigned
          rhn-support-cpalmier Carlo Palmieri
          Darren Fennessy Darren Fennessy
          Dominik Laso Dominik Laso
          Votes:
          0 Vote for this issue
          Watchers:
          7 Start watching this issue

          Dates

            Created:
            Updated:
            Resolved: