Forum Discussion

Cirrus

May 05, 2021

Cors preflight requests problem

I have two different web applications that make requests to domain names other than themselves. For example, x.domain.com makes a request to y.domain.com to retrieve certain data. The user is authent...

application delivery

BIG-IP Access Policy Manager (APM)

samstep

Cirrocumulus

if you are using ASM it might be the culprit, check this:

Bug ID 746394: With ASM CORS set to 'Disabled' it strips all CORS headers in response.

https://cdn.f5.com/product/bugtracker/ID746394.html

Also if y.domain.com where your request is landing has an ASM policy in blocking mode please do check that OPTIONS method is not blocked in ASM policy (it is blocked by default)

Johan_Lång

Cirrus

Jul 22, 2021

Thanks for your reply, unfortunately we´re not using ASM together with APM.

/Johan

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Cors preflight requests problem

Recent Discussions

how to whitelist new source IP on F5 web UI access

F5 to read a combined CRL file

Upgrade F5 BIGIP

ISP Load Balancing, SNAT pool instead of Automap link self-ip, anyway to do health check ?

MAC address of deleted VS IP address still responsive

Related Content

C3D first request problem

Source_Addr Persistence Problems

Logging of DNS Requests and Responses without a DNS license

Problem about Export imformation to Excel

Monitoring Failure OAuth request

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS