When I apply the CORS policy, not all of the CORS headers are serialized back. I only get back the following headers. I’m wondering if I’m doing anything wrong? I do have a JWT policy using the
RequestAuthentication definition also applied to the same gateway the virtual service below is applied to.
I’m expecting as expected in this CorsPolicy document
apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: namespace: ingestion name: http-bobber-2-public spec: hosts: - '*' gateways: - alb-system/default-istio-gateway http: - name: http-bobber-2-default-public-route match: - uri: prefix: /ingestion/http-bobber-2/ rewrite: uri: / route: - destination: host: http-bobber-2.ingestion.svc.cluster.local corsPolicy: allowOrigins: - exact: "*" allowMethods: - GET - POST - PATCH - PUT - DELETE - OPTIONS allowCredentials: false allowHeaders: - authorization maxAge: "24h"