AnsweredAssumed Answered

OPTIONS Request returning 401

Question asked by jhahn on Feb 24, 2015
Latest reply on Jun 7, 2016 by hernangarcia

I'm using 5.17.0 and after we upgraded from 5.15.1, we are seeing issues with CORS.
Basically our front-end hits activiti-rest via javascript (temporary, we will have our own service later) which means we need to have CORS set up.

However, I think the OPTIONS pre-flight request browsers make is getting a 401 because those pre-flight requests don't send in the authorization header.

My question is,

1. How do I disable that check on OPTIONS?


2. How do I disable Authorization check all together?. Our services are internal only and behind strict firewall so we don't have to worry about external security issues.