Solved: GET 200 Response, with CORS Error

ArpitSrv · 05-18-2022 07:11 PM

We are using Angular in the front end and NodeJS in the backend. We are getting the response from the backend in the API proxy and proxy is sending the response back to the client as well. In the browser we see GET 200 OK with CORS error. We can't see the response as well. Response is received using postman (curl). Below is the CORS policy -

CORS added to the pre flgiht and Auth -

Added CORS in Target Endpoint pre flow

Request & Response headers from browser -

We are using OAuth 2.0 for authentication between browser and API - could that be an issue and should we use basic authentication instead?

ArpitSrv

I have found the issue. THis was happening because the headers in response were getting replicated thrice and not matching with the request headers.

I had to remove add-cors policy from Auth and Preflow in Target Endpoint to resolve the issue.

View solution in original post

dknezic

I'd suggest using the debug/trace against your API proxy so you can see the individual API requests getting processed. This will help you identify for example if a condition doesn't exactly match the request causing the cors policy to not get included.

ArpitSrv

I have found the issue. THis was happening because the headers in response were getting replicated thrice and not matching with the request headers.

I had to remove add-cors policy from Auth and Preflow in Target Endpoint to resolve the issue.

dchiesa1

Glad you found it. You can avoid duplicating headers by using AssignMessage/Set/Headers instead of AssignMessage/Add/Headers . The former is idempotent, the latter is not.