For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

JasonBizzle_178's avatar
JasonBizzle_178
Icon for Nimbostratus rankNimbostratus
Aug 10, 2015

iControlREST and CORS

I know I cannot be the only one that has run into this problem, but I cannot find any questions related to this. I have an angular application that is trying to hook into our F5 directly. When the ca...
iControlREST
JasonBizzle_178's avatar
JasonBizzle_178
Icon for Nimbostratus rankNimbostratus
Aug 12, 2015

In the end, it became clear that the F5 required authentication to even hit the OPTIONS method of the URL (bad practice). Even if I was somehow able to inject authorization headers into the pre-flight check, the F5 returns a 502 bad gateway error.

 

Throwing in the towel, I've created a PHP server to handle all interaction with the F5. While PHP was the proper architecture to begin with, it's still a bummer that the REST interface will not allow pre-flight checks.

 

If this changes or someone has an example of this working, please comment.