Configuration for CORS

[geek0r]

Is there any documentation how to enable CORS for the API endpoint inside Anypoint studio?

http://www.mulesoft.org/documentation/display/current/APIkit+Beyond+the+Basics states somehting for the console but that does not include the API endpoint itself. Does it?

I found a workaround by setting the http header myself but I guess there is a better way of doing this.

[natalia-garcia]

Hi Eric,

I haven’t read it, but this might add some information: http://www.mulesoft.org/documentation/display/current/Accessing+Your+API+Behind+a+Firewall I still couldn’t find any documentation related to the new CORS component in Studio.

If you have any question, you can ping me directly and I’ll try to help you.

Hope this helps.

Regards, -Natalia

On Oct 14, 2014, at 6:40 AM, Eric Bartels notifications@github.com wrote:

Is there any documentation how to enable CORS for the API endpoint inside Anypoint studio?

http://www.mulesoft.org/documentation/display/current/APIkit+Beyond+the+Basics states somehting for the console but that does not include the API endpoint itself. Does it?

I found a workaround by setting the http header myself but I guess there is a better way of doing this.

— Reply to this email directly or view it on GitHub.

[geek0r]

Hi Natalia,

thanks for the link. It deals with the topic but does not solve my concrete problem. Is use the following flow-config (which sets the http-header) to enable cors for the endpoint.

<flow name="api-main" doc:name="api-main">
  <http:inbound-endpoint address="http://localhost:8081/api" doc:name="HTTP">
    <set-property propertyName="Access-Control-Allow-Origin" value="*" />
  </http:inbound-endpoint>
  <apikit:router config-ref="api-config" doc:name="APIkit Router" />
  <exception-strategy ref="DefaultExecptionStrategie" doc:name="Reference Exception Strategy" />
</flow>

[natalia-garcia]

Hi Eric,

Sorry for the delay. First, you should configure a CORS component as follows:

<cors:config name="Cors_Configuration" doc:name="Cors Configuration">
    <cors:origins>
        <cors:origin url="http://localhost:8082">
            <cors:methods>
                <cors:method>POST</cors:method>
                <cors:method>DELETE</cors:method>
                <cors:method>PUT</cors:method>
                <cors:method>GET</cors:method>
            </cors:methods>
            <cors:headers>
                <cors:header>content-type</cors:header>
            </cors:headers>
        </cors:origin>
    </cors:origins>
</cors:config>

Being origin url the URL from which you will access your api. Then, after the endpoint of your APIkit router, you need to add this component in the following way:

<cors:validate config-ref="Cors_Configuration" publicResource="false" acceptsCredentials="false" doc:name="CORS Validate”/> <apikit:router config-ref=“apiConfig" doc:name="APIkit Router”/>

Let me know if you encounter any issue.

Regards, -Natalia

On Oct 15, 2014, at 4:48 AM, Eric Bartels notifications@github.com wrote:

Hi Natalia,

thanks for the link. It deals with the topic but does not solve my concrete problem. Is use the following flow-config (which sets the http-header) to enable cors for the endpoint.

/http:inbound-endpoint

— Reply to this email directly or view it on GitHub.

[potofjava]

You'll need to add the following to your mule configuration xmlns:cors="http://www.mulesoft.org/schema/mule/cors"

http://www.mulesoft.org/schema/mule/cors http://www.mulesoft.org/schema/mule/cors/current/mule-cors.xsd

[jrichardsz]

This works for my mule 3.7.1

<http:listener config-ref="shared-http-listener" path="/some_path/some_resource/" allowedMethods="POST" doc:name="HTTP">
    <http:response-builder>
        <http:header headerName="Access-Control-Allow-Origin" value="*"/>
        <http:header headerName="Access-Control-Allow-Headers" value="Origin, X-Requested-With, Content-Type, Accept"/>
    </http:response-builder>
</http:listener>