I create api proxies and check the box that says “Enable Direct Browser Access for Your API \u2014 Allow direct requests from a browser via CORS.” but my OPTIONS requests are still failing with :<\/p>\n
{\n \"fault\": {\n \"faultstring\": \"Received 405 Response without Allow Header\",\n \"detail\": {\n \"errorcode\": \"protocol.http.Response405WithoutAllowHeader\"\n }\n }\n}\n<\/code><\/pre>\nFrom what I understand about CORS Pre-Flight Options requests, the client first sends the OPTIONS request to the server as a safeguard for “safe” CORS. This request should return a response with the list of request types<\/em> that are available.<\/p>\nMy Question:<\/strong> How do I make it so that Apigee responds correctly to OPTIONS requests and does not pass the OPTIONS request to my api behind the proxy?<\/strong>. If it helps I have AngularJS javascript apps trying to communicate with my Apigee endpoint.<\/p>\nJavascript errors:<\/p>\n
OPTIONS http:\/\/api.example.com No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http:\/\/client.example.com' is therefore not allowed access.\n\nXMLHttpRequest cannot load http:\/\/api.example.com. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http:\/\/client.example.com' is therefore not allowed access. \n<\/code><\/pre>\nDefault “Add CORS” xml<\/p>\n
\n Add CORS\n \n \n \n \n *\n origin, x-requested-with, accept\n 3628800\n GET, PUT, POST, DELETE\n \n \n true\n \n\n<\/code><\/pre>\nDefault Proxy Endpoints xml<\/p>\n
\n\n \n \n \n \n \n \n \n \/v1\/cnc\n default\n secure\n \n \n default\n \n \n \n \n \n\n<\/code><\/pre>\nDefault Target Endpoint xml<\/p>\n
\n\n \n \n \n \n \n \n Add-CORS\n \n \n \n \n http:\/\/api.example.com\/v1\/assets.json\n \n \n \n \n \n\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"I create api proxies and check the box that says “Enable Direct Browser Access for Your API \u2014 Allow direct requests from a browser via CORS.” but my OPTIONS requests are still failing with : { “fault”: { “faultstring”: “Received 405 Response without Allow Header”, “detail”: { “errorcode”: “protocol.http.Response405WithoutAllowHeader” } } } From what I […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-8176","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts\/8176","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/comments?post=8176"}],"version-history":[{"count":1,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts\/8176\/revisions"}],"predecessor-version":[{"id":8558,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts\/8176\/revisions\/8558"}],"wp:attachment":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/media?parent=8176"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/categories?post=8176"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/tags?post=8176"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}