Request header field access-control-allow-methods is not allowed by Access-Control-Allow-Headers in preflight response.
&
Request header field "custom header (x-api-key) " is not allowed by Access-Control-Allow-Headers in preflight response.
how to fix both issues CORS policy:?
I had added the global cors plugin following this url : CORS plugin | Kong Docs
My CORS plugin is details are
{
“config”: {
“credentials”: true,
“preflight_continue”: true,
“methods”: [
“GET”,
“POST”,
“PUT”,
“DELETE”,
“OPTIONS”
],
"max_age": 7200,
"headers": [
"Accept",
"Accept-Version",
"Content-Length",
"Content-MD5",
"Content-Type",
"Date",
"X-Auth-Token",
"origin",
"Origin",
"x-requested-with",
"Access-Control-Allow-Headers",
"X-Requested-With",
"Authorization",
"Access-Control-Request-Method",
"Access-Control-Request-Headers"
],
"exposed_headers": [
"X-Auth-Token"
],
"origins": [
"*"
]
},
“id”: “3c4da430-5dd6-42fb-909d-5e14dd4299ed”,
“name”: “cors”,
“consumer”: null,
“created_at”: 1642467518,
“route”: null,
“service”: null,
“tags”: null,
“enabled”: true,
“protocols”: [
“grpc”,
“grpcs”,
“http”,
“https”
]
}
i tried all the headers also
it is working for one microservice and it is not working for other service
let me know how to fix this issue?