Layer7 API Management

  • Private Community

  • 1.  Process CORS Request Assertion on API Gateway 9.1

    Posted Sep 14, 2016 11:07 AM

    Hi All,

     

    To implement CORS functionality in our gateway , we have mentioned few Accepted Header and Allowed Methods to Process CORS Request Assertion .

     

    Is it possible to set those Accepted Header and Allowed Methods values in response headers? If yes please suggest me on how to implement.

     

    And what is the purpose of variable.prefix in Process CORS Request Assertion . Can we extract specified details with it ?

     

     

    Thanks in advance.

    Suneel

     



  • 2.  Re: Process CORS Request Assertion on API Gateway 9.1

    Broadcom Employee
    Posted Sep 16, 2016 01:21 PM

    Suneel,

     

    Good afternoon. The CORS assertion will set the Access-Control-Allow-Origin,Access-Control-Allow-Methods,Access-Control-Allow-Headers, and Access-Control-Max-Age headers when the Option HTTP method is used along with specified values in each of the tabs of the assertion during the pre-flight test.

     

    As for the variable prefix, it is used to create a prefix to the following context variables that can be used in additional policy logic.

     

    <prefix>.isPreflight     
    Returns "true" if the request is a preflight request, otherwise returns "false".

     

    <prefix>.isCORS     

     

    Returns "true" if the request is a CORS request (contains the Origin header), otherwise returns "false".

     

    Note: This variable always returns "true" if <prefix>.isPreflight is "true".

     

    Sincerely,

     

    Stephen Hughes
    Director, CA Support