CORS | Send back null headers from all services so that istio CORS policy honored
- Feature: Implement CORS
- We update CORS policy in istio
- Currently all services send back hardcoded response headers due to which istio's CORS is not implemented.
- Created a new class in core-lib-azure which implements Filter. It sends back null headers from all services so that istio CORS policy honored.
Response: 403 - CORS Error for different origin - Expected
Console: Access to XMLHttpRequest at 'https://mstest3338.oep.ppe.azure-int.net/api/file/v2/files/uploadURL' from origin 'https://www.test-cors.org' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Response: 200 response for valid origin – Expected Result **Updated istio CORS to allow origin https://www.test-cors.org
Edited by Srishti Sharma