Hi @vrondot,
Thanks for your response.
We are running M8 on Azure and still having the issue (I have found a quick & dirty workaround by modifying the Python code but I'd rather avoid this option). The Virtual Service seems to be the way to go but it seems like it hasn't been added (yet) to the Azure Helm charts: https://community.opengroup.org/osdu/platform/deployment-and-operations/helm-charts-azure/-/tree/master/osdu-ddms/osdu-wellbore_dms/templates
@manishk, are there any plans to add Istio Virtual Services in the charts? Thank you.
The goal of this MR is to add support for unauthenticated OPTIONS (preflight) requests in Istio AuthorizationPolicy resources to allow CORS. Currently, single-page applications such as Angular apps are not able to call the OSDU APIs due to Istio rejecting unauthenticated OPTIONS requests sent by the user's browser.
Nicolas Heitz (10fcf57b) at 15 Jul 17:35
Add support for unauthenticated OPTIONS requests to allow CORS
We have an Angular application that creates trajectories using /api/os-wellbore-ddms/ddms/v2/trajectories
. But before the POST request is sent, the browser applies CORS principles and sends a preflight (OPTIONS
) request to the service which rejects it with a 405 Method Not Allowed
error. The OPTIONS
method doesn't seem to be allowed by the Wellbore DDMS service.
An easy way to test this:
curl -X OPTIONS https://<host>/api/os-wellbore-ddms/ddms/v2/trajectories -H 'Origin: http://localhost:8000' -H 'Access-Control-Request-Method: POST'
Would it be possible to allow the OPTIONS
method? With FastAPI it seems like it can be done with the allow_methods
parameter of the add_middleware
function, as documented on this page.
Thank you in advance.