I have HTTP GET/POST request where I need to pass 2 headers ( id and secret).Whenever I am trying access this resource from IE, it always fail with error message
SEC7123: Request header secret was not present in the Access-Control-Allow-Headers list.
However this works perfectly fine when I am trying access from Mozilla/Chrome. Also if I pass only one header in place of 2, this request goes through.
Can somebody help us ?
Any body has got any idea on this issue ? Really appreciate is somebody can help me here...
I've been messing with this issue also and we've found a fix for it.
CA API gateway will be returning multiple headers of Access-Control-Allow-Headers.
IE will only process the first one, throwing an error when you're expecting multiple values as you described.
Here's the fix:
This worked for me as well when I encountered the same issue. I was told by CA that they fixed this in 9.3, however I'm running 9.3 and it still seems to be an issue in IE 11. Using these assertions was the only way I could get around it.
Found same issue with CORS and IE 11. Thanks for the info !
Controls whether the Process CORS Request assertion uses multi-valued headers.