Layer7 API Management

Expand all | Collapse all

multiple Access-Control-Allow-Origin header values

Jump to Best Answer
  • 1.  multiple Access-Control-Allow-Origin header values

    Posted 01-16-2019 12:16 PM

    Hello, 

     

    I get the below error message :

    Access to XMLHttpRequest at '{CA Proxy location}' from origin {Client UI location } has been blocked by CORS policy : The 'Access-Control-Allow-Origin' header contains multiple values '*, {Client UI location }, but only one is allowed.

     

    In the Process CORS Request properties assertion, Accepted Origins tab has 'Allow All' option selected.

    I couldn't find any other location where it might have got added twice.

     

    Please suggest.



  • 2.  Re: multiple Access-Control-Allow-Origin header values
    Best Answer

    Posted 01-16-2019 12:28 PM

    Found the solution, in the Route via assertion, it was added in the reponse header.

    Afer removing that entry, I get only one entry in the Network tab on Chrome - Dev Tools with below value.

    access-control-allow-origin : *