And this rule seems that is working because now, I get this other other problem:
XMLHttpRequest cannot load http://domain.com:3000/api/public/activity/me/XXXXXX/XXXX/4/10/2016/12/10/2016/?p=-1&res=day. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://dev.airgateway.net' is therefore not allowed access. The response had HTTP status code 400.
In the ngnix I allow Access-Control-Allow-Origin.
So… what is the way to allow CORS in the dashboard (the port 3000 is used by dashboard… so I suppose it is which must allow CORS)??
the Dashboard doesn’t handle CORS. So I suggest proxying the Dash API or inject headers in an other level.
Can you be more clear on what do you mean by “In the ngnix I allow Access-Control-Allow-Origin.” ?
There are no CORS settings for the dashboard API if you want to use those system endpoints in an AJAX request - you will need to proxy the dashboard endpoint as an API via Tyk gateway to add CORS support :-S