Hi Jo,
On 5 September 2014 15:19, Joseph Fonseka <jos...@wso2.com> wrote: > Hi > > In AM 1.7.1 "Access-Control-Allow-Methods" header is not getting set by > the handler. When trouble shooting I found that particular line is > commented. was there a reason to remove it ? > Yes. When we had this, the configured Access-Control-Allow-Methods header value was completely overriding the actual value sent in the response for that header. As a result if someone checks the Methods supported by the API (with Max-Forwards:0) or the back-end service by sending an OPTIONS call to the API, the value is not correct. Therefore we decided to remove this header and only depend on the Access-Control-Allow-Methods value sent from the back-end service for Swagger call [1]. [1]https://wso2.org/jira/browse/APIMANAGER-2128 > If "Access-Control-Allow-Methods" is not present PUT and DELETE requests > will not work in swagger console + other web clients. > May be we can check whether actual response contains this header and if not add the header with the methods only exposed by the API's resources. Thanks, Lakmali > > Thanks > Jo > > > -- > > -- > *Joseph Fonseka* > WSO2 Inc.; http://wso2.com > lean.enterprise.middleware > > mobile: +94 772 512 430 > skype: jpfonseka > > * <http://lk.linkedin.com/in/rumeshbandara>* > > -- Lakmali Baminiwatta Senior Software Engineer WSO2, Inc.: http://wso2.com lean.enterprise.middleware mobile: +94 71 2335936 blog : lakmali.com
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
