Forum Discussion

Nimbostratus

Sep 11, 2019

When CORS IS SET, Sometimes the request gives error when request originates from one domain and requests resource in another domain

This is wrt cors policy, Sometimes the request gives error when request originates from one domain and requests resource in another domain, the allow origin header is seen send for few of the request...

Employee

Sep 18, 2019

Here is setup:

https://techdocs.f5networks.net/kb/en-us/products/big-ip_asm/manuals/product/big-ip-asm-implementations-14-1-0/18.html

if your CORS headers are in the request and not in the response from the ASM device, checkout

K34183431: BIG-IP ASM security policy removes CORS headers when Cross-Domain Request Enforcement is 'disabled'

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

When CORS IS SET, Sometimes the request gives error when request originates from one domain and requests resource in another domain

Introducing the F5 Application Study Tool (AST)

Displaying Application Study Tool (AST) Dashboards in Your Own Grafana Instance

Recent Discussions

What dose "Accept" do in BIG-IP ASM event logs

OSPF traps on BIG-IP v14

Problem with sending BotDefense logs to remote server

Change Content-Type from application/octet-stream to multipart/form-data

Is anyone using Certbot for F5 certificate automation? If not, what tool do you use?

Related Content

F5 Distributed Cloud Origin Server Subset Rules

Request POST Header Rewrite of Origin and Referer

F5 Distributed Cloud - Mitigation for Cross Tenant Origin Exposure (CTOE)

Logging DNS Requests

Knowing the originating request

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS