For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Cirrostratus rank

Cirrostratus

Jun 04, 2018

CORS as show stopper: Why does BigIP not send "Access-Control-Allow-Origin" headers?

Hi all, I would like to access the iControl API from my local PC (whichis in a other domain as my BigIPs). Testing stuff with Postman is fine, but to get a nice quick view of things, a small HTM...

Dan_Bowman_2434

Icon for Altocumulus rank

Altocumulus

Jun 04, 2018

Subscribing to this thread as I'm having the same issue. CORS is enforced by the browser client hence Postman works but Chrome etc don't.

Currently looking to implement a custom .NET web based client to do the REST calls but wouldn't need to if Access-Control-Allow-Origin could be specified on the BIG-IP!

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Community Articles

application delivery

container ingress services

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5