Forum Discussion
samstep
Jul 21, 2021Cirrocumulus
if you are using ASM it might be the culprit, check this:
Bug ID 746394: With ASM CORS set to 'Disabled' it strips all CORS headers in response.
https://cdn.f5.com/product/bugtracker/ID746394.html
Also if y.domain.com where your request is landing has an ASM policy in blocking mode please do check that OPTIONS method is not blocked in ASM policy (it is blocked by default)
- Johan_LångJul 22, 2021Cirrus
Thanks for your reply, unfortunately we´re not using ASM together with APM.
/Johan