You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Envoy service start and work. When I make request with curl -H "Origin: https://example.com" https://example.com curl return response without header access-control-allow-methods and access-control-allow-headers:
access-control-allow-methods and access-control-allow-headers are only be added to the response to the prefight request. And typically you send a single cors request witch is not prefight request.
You can send a prefight request by set the request method to OPTION and add additional Access-Control-Request-Method header.
Title: Envoy CORS missing headers
Description:
I'm trying to add a CORS policy to my vhost in the ingress listener:
Envoy service start and work. When I make request with curl -H "Origin: https://example.com" https://example.com curl return response without header access-control-allow-methods and access-control-allow-headers:
How I can add missing headers to Envoy response?
Tested on envoy versions 1.23.1, 1.30.1
The text was updated successfully, but these errors were encountered: