Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-6569

Support multiple domains in CORS Request Handling Apicast Policy

    XMLWordPrintable

Details

    • Task
    • Resolution: Done
    • Major
    • None
    • None
    • Gateway
    • None
    • False
    • False
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Yes
    • +
    • Undefined

    Description

      Currently, ActiveDocs OAS3 requests are being blocked by CORS browsers security features.
      Using CORS Request Handling Apicast Policy allows to enable CORS for a single domain. It is also possible to use a wildcard * to enable any domain, but that's insecure and we shouldn't ask clients to do that.
      We need to enable CORS for multiple domains in order to be able to add both the Admin and the Dev Portal domains

      Attachments

        Issue Links

          blocks

          Bug - A problem that impairs or prevents the functions of the product. THREESCALE-5736 Developer portal OAS documentation cannot execute request

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          is documented by

          Task - Represents a small unit of work that is not end-user facing. THREESCALE-1743 [Doc] Document improvements to import of OAS in ActiveDocs

          • Critical - To be worked on immediately following BLOCKER issues.
          • Closed

          Activity

            People

              Unassigned Unassigned
              damianpm Damian Peralta (Inactive)
              David Rajnoha David Rajnoha (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: