Describe the bug
Websites accessed outside of the API ML domain would like to consume REST APIs via API ML. Gateway supports handling CORS on behalf of registered REST APIs, with the opt-in flag accompanied by the allowed origins header. API ML v3 returns the correct headers provided by the service during registration. API ML v2 is accepting the opt-in flag, allowes request to pass to the targeted REST API, but doesn't set the allowed origins header, leading to an error in the browser.
Steps to Reproduce
- Start API ML v2
- Register service with CORS enabled and allowed headers
- execute cross site request from another website to this service
Expected behavior
Proper headers are being returned, and the browser allows the cross-site request to continue.
Describe the bug
Websites accessed outside of the API ML domain would like to consume REST APIs via API ML. Gateway supports handling CORS on behalf of registered REST APIs, with the opt-in flag accompanied by the allowed origins header. API ML v3 returns the correct headers provided by the service during registration. API ML v2 is accepting the opt-in flag, allowes request to pass to the targeted REST API, but doesn't set the allowed origins header, leading to an error in the browser.
Steps to Reproduce
Expected behavior
Proper headers are being returned, and the browser allows the cross-site request to continue.