You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@openwhisk.apache.org by GitBox <gi...@apache.org> on 2018/06/01 16:05:24 UTC

[GitHub] akrabat opened a new issue #307: API Gateway removes Access-Control-Allow-Headers header

akrabat opened a new issue #307: API Gateway removes Access-Control-Allow-Headers header
URL: https://github.com/apache/incubator-openwhisk-apigateway/issues/307
 
 
   Given an action that looks like this:
   
   ```php
   <?php
   function main(array $args) : array
   {
       return [
           'statusCode' => 301,
           'headers' => [
               'Location' => '/books',
               'Access-Control-Allow-Headers' => 'Content-Type'
           ],
       ];
   }
   ```
   
   that's wired up to an API Gateway, I expect to see the Access-Control-Allow-Headers header in the response. Instead it is gone!
   
   
   Headers in Web Action response:
   
   ```
   $ curl -i -H "X-Require-Whisk-Auth: $REQUIRE_WHISK_AUTH" https://openwhisk.eu-gb.bluemix.net/api/v1/web/19FT_dev/default/ow-php-bookshelf-backend-dev-root
   HTTP/1.1 301 Moved Permanently
   X-Backside-Transport: OK OK
   Connection: Keep-Alive
   Transfer-Encoding: chunked
   Server: nginx
   Date: Fri, 01 Jun 2018 15:49:32 GMT
   X-Request-ID: 908fab442952df93704c73c8a9e9abb3,908fab442952df93704c73c8a9e9abb3
   Access-Control-Allow-Origin: *
   Access-Control-Allow-Methods: OPTIONS, GET, DELETE, POST, PUT, HEAD, PATCH
   Access-Control-Allow-Headers: Authorization, Content-Type,Content-Type
   Location: /books
   IBM_Cloud_Functions: OpenWhisk
   X-Global-Transaction-ID: 34285313
   Set-Cookie: DPJSESSIONID=PBC5YS:1342728446; Path=/; Domain=.openwhisk.eu-gb.bluemix.net
   ```
   
   Headers in the API Gateway response:
   
   ```
   $ curl -i https://service.eu.apiconnect.ibmcloud.com/gws/apigateway/api/2fbc … 8be1/ow-bookshelf-todo-backend/
   HTTP/2 301
   access-control-allow-credentials: true
   access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, HEAD, OPTIONS
   access-control-allow-origin: *
   content-type: text/plain
   date: Fri, 01 Jun 2018 15:50:58 GMT
   ibm_cloud_functions: OpenWhisk
   location: /books
   server: openresty
   set-cookie: DPJSESSIONID=PBC5YS:1342728446; Path=/; Domain=.openwhisk.eu-gb.bluemix.net
   x-backside-transport: OK OK
   x-gateway-host: 10.164.193.60:31353
   x-global-transaction-id: 139638815
   x-request-id: 9e54ef0ebeafdcfd2ea43d6806820587,9e54ef0ebeafdcfd2ea43d6806820587
   x-request-id: nluhqvi9P9YoSXB8gjPTCuatZpU55eUH
   content-length: 0
   ```
   
   As you can see, the `Access-Control-Allow-Headers` header that's in the web action response is missing from the API Gateway response.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services