CORS and OPTIONS preflight requests

bkomac · March 9, 2022, 11:54am

If I want to use rewrites for some endpoints, do I need to configure rewrite rule also for OPTIONS method for CORS to be managed by Tyk?

Without explicit rewrite rule for OPTIONS, I get 404 not found responses for preflight requests. Am I missing something?

 {
    "path": "{apikey}/intake/v2/rum/events",
    "method": "POST",
    "match_pattern": "(.*)",
    "rewrite_to": "/intake/v2/rum/events"
 },

CORS config part:

"CORS": {
        "enable": true,
        "allowed_origins": [
            "https://*.mydomain.com",
            "http://*.mydomain.com"
        ],
        "allowed_methods": [
            "GET",
            "POST",
            "HEAD"
        ],
        "allow_credentials": true,
        "max_age": 24,
        "options_passthrough": false
    },

Olu · March 11, 2022, 2:12pm

Hi @bkomac, could you answer a couple of questions:

What is your client? (meaning where are you making the initial request from)
Does upstream service support CORS?

bkomac · March 11, 2022, 2:42pm

hi,
I’m testing from Postman.
Upstream does not support CORS. I want Tyk to manage it.

Tnx.

bkomac · March 15, 2022, 9:10am

It looks like the problem is on our load balancer (F5), because we are routing different endpoints to different gateways (old one and Tyk). Weird s…t happens in single page apps, where the connection is reused.

Olu · March 15, 2022, 9:46am

Great! I already had a draft prepared stating I couldn’t get the same 404s and maybe enabling debug mode for cors and checking debug logs might show what the issue is.

Glad to know the issue was discovered.