Layer7 API Management

Expand all | Collapse all

CORS Failing in IE when passing 3 headers

Jump to Best Answer
  • 1.  CORS Failing in IE when passing 3 headers

    Posted 04-10-2018 10:22 AM

    I have HTTP GET/POST request where I need to pass 2 headers ( id and secret).Whenever I am trying access this resource from IE, it always fail with error message 

    SEC7123: Request header secret was not present in the Access-Control-Allow-Headers list.

    However this works perfectly fine when I am trying access from Mozilla/Chrome. Also if I pass only one header in place of 2, this request goes through.

     

    headers: {

                                                      'Content-Type':'application/x-www-form-urlencoded',

                                                      'Id': '**************************',                  

                                                      'Secret':'428******723989'

                                          }

     

    Can somebody help us ?



  • 2.  Re: CORS Failing in IE when passing 3 headers

    Posted 04-17-2018 04:37 AM

    Any body has got any idea on this issue ? Really appreciate is somebody can help me here...



  • 3.  Re: CORS Failing in IE when passing 3 headers
    Best Answer

    Posted 09-24-2018 03:16 PM

    I've been messing with this issue also and we've found a fix for it.

    CA API gateway will be returning multiple headers of Access-Control-Allow-Headers.

    IE will only process the first one, throwing an error when you're expecting multiple values as you described.

     

    Here's the fix:

    cors IE fix ca api



  • 4.  Re: CORS Failing in IE when passing 3 headers

    Posted 10-10-2018 12:59 PM

    This worked for me as well when I encountered the same issue. I was told by CA that they fixed this in 9.3, however I'm running 9.3 and it still seems to be an issue in IE 11. Using these assertions was the only way I could get around it. 



  • 5.  Re: CORS Failing in IE when passing 3 headers

    Posted 10-12-2018 08:22 AM

    Found same issue with CORS and IE 11. Thanks for the info !

     

    regards, Roberto