Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-6569

Support multiple domains in CORS Request Handling Apicast Policy

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Done
    • Icon: Major Major
    • None
    • None
    • Gateway
    • None
    • False
    • False
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Yes
    • +
    • Undefined

      Currently, ActiveDocs OAS3 requests are being blocked by CORS browsers security features.
      Using CORS Request Handling Apicast Policy allows to enable CORS for a single domain. It is also possible to use a wildcard * to enable any domain, but that's insecure and we shouldn't ask clients to do that.
      We need to enable CORS for multiple domains in order to be able to add both the Admin and the Dev Portal domains

            Unassigned Unassigned
            damianpm Damian Peralta (Inactive)
            David Rajnoha David Rajnoha (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: