Will return the expected headers. curl -vik -H "Origin: https://exampleXcom" ... Will return the CORS headers too. Fixing the regexp will solve the issue. From allowOriginRegex: -https://[a-zA-Z0-9]*.example.com To allowOriginRegex: -https://[a-zA-Z0-9]*\.example\.com Conte...
The RouteOptions documentation states thatDefines a CORS policy for the route If a CORS policy is also defined on the route’s virtual host, the policies are merged. However, if I try to overrideallowCredentialswithout also definingallowOriginorallowOriginRegexin the override then theallowCredential...