问题
I'm using an API oAuth2 service where I pass back the token to the App. Normally there is a requirement to proxy the connection at the developer end but this is adding an additional speed penalty that will make Apigee too slow for usage.
Our App therefore XHR's the request directly, and this works fine on Safari but on Chrome the OPTIONS request to Apigee doesn't return allow-origin-*.
Do any of the Apigee developers know what the policy is here or whether they can enable it for OPTIONS as they do for other transport methods?
Regards, Andrew
回答1:
Andrew,
If I understand your question, you're asking how you could use Apigee to always return a specific header for all OPTIONS requests.
One way to do this is by using a conditional flow and an assign message policy.
For example, the condition would be:
<Condition>request.verb equals "OPTIONS"</Condition>
Hope that helps,
Marsh
来源:https://stackoverflow.com/questions/19991932/apigee-cors-allow-origin-on-options