WSO2 ESB - Configure CORS

Question

I create on WSO2 ESB 5.0.0 a Rest API with any Endpoints.

My endpoints call a api rest made on java (running on Tomcat 8), like this:

<?xml version="1.0" encoding="UTF-8"?>
<endpoint xmlns="http://ws.apache.org/ns/synapse" name="RecuperarArmadilhaPorId">
   <http statistics="enable"
     method="GET"
     uri-template="http://localhost:8080/impactorcamentosgpmpu/ns/rest/pga/armadilhas/detalhePorId/{uri.var.id}"/>
</endpoint>

I am not using Identity Server and I preferred not using in this moment.

When I call my url wso2 (http://192.168.10.178:8280/mapaHomologacao/ns/rest/pga/localidadesPorRota/101) inner mobile app, I received the cors error:

XMLHttpRequest cannot load 
http://192.168.10.178:8280/mapaHomologacaorotas/completa/1/101. No 'Access-
Control-Allow-Origin' header is present on the requested resource. Origin 
'http://localhost:8100' is therefore not allowed access.

I tried to do the following configuration on repository/conf/tomcat/carbon/WEB-INF, I follow this url WSO2 API Manager CORS

But nothing changes.

How do I resolve this?

Regards,

Alessandro

Answer 1

For preflight requests:

You have to create a filter (to check OPTIONS calls) like this

<filter source="get-property('axis2', 'HTTP_METHOD')" regex="OPTIONS">
    <then>
        ... 
    </then>
</filter>

or create a separate resource for OPTIONS /* and put this content inside.

<property name="Access-Control-Allow-Origin" value="*"  scope="transport" type="STRING"/>
<property name="Access-Control-Allow-Methods" value="GET,PUT,POST,DELETE,PATCH,OPTIONS" scope="transport" type="STRING"/>
<property name="Access-Control-Allow-Headers" value="Authorization,Access-Control-Allow-Origin,Content-Type" scope="transport" type="STRING"/>
<respond/>

Please note that the values in above properties should be changed as per your requirement.

For simple requests:

You also have to put this inside your out sequence.

<property name="Access-Control-Allow-Origin" value="*"  scope="transport" type="STRING"/>