问题
I am using angular client to call a rest api in wso2 which is exposed from a data service not directly built as an api and also tried many solutions provided in stack overflow and also wso2 documentation , nothing helps.
回答1:
With regard to OPTIONS requests in the preflight, the WSO2 Enterprise Integrator (EI) behaves as follows depending on the implementation of the API.
- If we have defined OPTIONS as a resource method, then EI sends the request to the backend service to collect the information.
- If we have not defined OPTIONS as the resource method, then EI just replies back with the "Allow" header with the allowed methods without further sending the request to service.
In order to allow the above API to cater cross-origin requests please include the following resource in the API.
<resource methods="OPTIONS" uri-template="/*">
<inSequence>
<property name="Access-Control-Request-Headers" value="authorization,content-type" scope="transport"/>
<property name="Access-Control-Allow-Methods" value="GET,POST,PUT,DELETE,OPTIONS" scope="transport"/>
<property name="Access-Control-Allow-Headers" value="*" scope="transport" type="STRING"/>
<property name="Access-Control-Allow-Origin" value="*" scope="transport"/>
<property name="RESPONSE" value="true" scope="default" type="STRING"/>
<respond/>
</inSequence>
</resource>
Please note that the above sample is set with the properties to allow all origins and all headers and you can configure the above properties according to your requirement. Instead of the above wildcards ("*") it's possible to use specific values including the following origin value which has been restricted.
来源:https://stackoverflow.com/questions/50927231/wso2-ei-giving-preflight-request-cors-error-while-requesting-from-angular-client