Details
-
Feature Request
-
Resolution: Done
-
Major
-
2.9.1 GA
-
3
-
False
-
False
-
Not Started
-
Not Started
-
Not Started
-
Not Started
-
Not Started
-
Not Started
-
Yes
-
+
-
0
-
0%
-
Undefined
-
https://gitlab.cee.redhat.com/red-hat-3scale-documentation/3scale-documentation/-/merge_requests/750, https://gitlab.cee.redhat.com/red-hat-3scale-documentation/3scale-documentation/-/merge_requests/748, https://gitlab.cee.redhat.com/red-hat-3scale-documentation/3scale-documentation/-/merge_requests/690, https://gitlab.cee.redhat.com/red-hat-3scale-documentation/3scale-documentation/-/merge_requests/747, https://gitlab.cee.redhat.com/red-hat-3scale-documentation/3scale-documentation/-/merge_requests/751
-
3scale-doc-2021-08-02, 3scale-doc-2021-09-06, 3scale-doc-2021-09-27
Description
CORS policy is great and easy to use to enable CORS requests. It would be even better, if also browser caching of the CORS response would be enabled / configurable. Therefore the standard header 'Access-Control-Max-Age' should be available in CORS policy.
Version
all / latest
Current Result
Only the following headers are set:
Access-Control-Allow-Headers
Access-Control-Allow-Methods
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
Max Age is missing and would help to avoid unnecessary OPTIONS calls before every request.
Expected Result
Add a configurable (maybe default 600) Access-Control-Max-Age Header to CORS Response