SSL Termination and CORs

Question

So I have two applications on seperate servers. One is a frontend machine and one is a backend api. We are using SSL which we are terminating at the load balancer.

My problem is that when the frontend (https://frontend.example.com) makes calls to the backend (https://api.example.com)

I get an issue with CORS. It complains about origins not matching (one being http and one https). This happens even with the Allow-Origin header set to *

Any ideas?

score 1 · Accepted Answer · edited May 23 '17 at 11:58

1

Try adding the the following header:

headers['Access-Control-Request-Method'] = '*'

Here's a relevant question: Allow anything through CORS Policy

edited May 23 '17 at 11:58

Community

1
1

answered Feb 18 '15 at 20:16

Jorge Marques

616
8
17

Thanks! Shall give it a go. – samdunne Feb 18 '15 at 20:17

SSL Termination and CORs

1 Answers1