Forum Discussion
NimbostratusiControlREST and CORS
I know I cannot be the only one that has run into this problem, but I cannot find any questions related to this. I have an angular application that is trying to hook into our F5 directly. When the call goes out, it returns a CORS error due to
No 'Access-Control-Allow-Origin' header is presentHere is a close example of what I'm doing:
Apache URL: testing.example.com
F5 URL: f5url.example.com
My web server talks directly to the F5 instead of interfacing with a server side application like php. I'm wondering if iControl even has the option to enable the return of "Access-Control-Allow-Origin" when the options method is used.
If you've come across this issue, I would love to hear what you were able to do to get around it. Preferably without the need to go to an intermediary app server.
Thank you.
3 Replies
JasonBizzle_178In the end, it became clear that the F5 required authentication to even hit the OPTIONS method of the URL (bad practice). Even if I was somehow able to inject authorization headers into the pre-flight check, the F5 returns a 502 bad gateway error.
Throwing in the towel, I've created a PHP server to handle all interaction with the F5. While PHP was the proper architecture to begin with, it's still a bummer that the REST interface will not allow pre-flight checks.
If this changes or someone has an example of this working, please comment.
Andrew_Le_12873Are you trying to make a REST call and for credentials using an external user (eg, not BIG-IP user)?
Dan_Bowman_2434Altocumulus
3 years later and this still appears to be an issue in the current BIG-IP version.
Would be good to be able to set these headers on device to allow web-based calls, or even an enhancement to BIG-IQ to allow iControl commands to be crafted and sent from there?
