Cross-Domain/Cross-Origin calls support in Orchestration engine's REST API
I am getting following error when I am calling Orchestration engine's REST API from out side domain:
"XMLHttpRequest cannot load http://devpmapp1:8181/console/rest/v1/fabric-dev. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin '<a href="http://220.127.116.11:8282'">http://18.104.22.168:8282' is therefore not allowed access."
After googling I came to know that if we have the following headers in the response's header list then this problem will go away:
Re: Cross-Domain/Cross-Origin calls support in Orchestration engine's REST API
Glad it is working this way. I can see why it could be a problem. If that is an issue I could add a plugin or something to allow you to customize the headers. I would not simply add those headers to all requests as this could be opening a security hole in general.