is it possible to configure so that UI will not make OPTIONS call?

[muly]

I have a scenario which is causing the redirect call result in an OPTIONS call to the provider, but the provider API being called unfortunately NOT supporting OPTIONS requests.

This is happening only when the existing cookie is expired and the AuthHandler() forces the workflow to authRedirect(), which then is redirecting to the SSO provider's URL. at this point, the request is happening with OPTIONS type, and there by failing.

I have notices that the same flow is happening during the first time login, but is not resulting in the OPTIONS call. there by the login is successful.

Attached is the snapshot of the Chrome inspect window captured when OPTIONS call happened and resulted in error. Any guidance to fix/work around this issue is appreciated.

[muly]

I tried to make the cors request as a simple request (instead of a pre-flight request), by eliminating the headers that are not supported by the simple request, but looks some how the X-Requested-With header is still there. I modified the code to remove all the headers right before the http.Redirect(), but I still see the X-Requested-With header set to XMLHttpRequest. @thomseddon, is there a way to avoid this to happen? Please suggest.

[thomseddon]

The approach I'd recommended elsewhere was to configure a rule to allow OPTIONS/CORS requests through, would that work? https://github.com/thomseddon/traefik-forward-auth/issues/186#issuecomment-697444873

I'd like to add an option to quickly enable those rules, to make it easier for other users (tracked in #186)

[muly]

OPTIONS call URL is outside the domain of the application & we are not able to add the rules for that URL to be routed through the traefik-forward-auth layer.

Could you please share any other suggestions?