Need help on CORS ( Cross Origin Resource Sharing ) Issue

[Sailaja Gadireddy <sailaja.gadireddy@xxxxxxxxx>]

Hello Team,

I need help on the CORS issue and what needs to be configured for the below error.

User receive CORS error when calling IGC with AJAX _javascript_ call from the browser.

"Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https:<hostname>/ibm/iis/igc-rest/v1/search?pageSize=50&properties=long_description&properties=short_description&properties=labels&properties=database_columns&properties=stewards&properties=assigned_to_terms&properties=name&types=database_table&where={%22operator%22:%22and%22,%22conditions%22:[{%22property%22:%22name%22,%22operator%22:%22containsWords%22,%22value%22:%22CIQ%22},{%22property%22:%22database_schema.database.name%22,%22operator%22:%22=%22,%22value%22:%22BIGSQL%22}]}. (Reason: CORS preflight channel did not succeed)."

Below is the configuration from the config file:
<Location "/">
SetEnvIf Origin ".+" origin_is=$0

	        Header set Allow GET,HEAD,POST,OPTIONS,TRACE
		Header set Access-Control-Allow-Origin %{origin_is}e env=origin_is
		Header set Access-Control-Allow-Credentials true
	        Header set Access-Control-Allow-Headers "X-Requested-With, Content-Type, Accept, Authorization, Client-Security-Token, Accept-Encoding"
		Header set Access-Control-Expose-Headers "X-Requested-With, Content-Type, Accept, Authorization, Client-Security-Token, Accept-Encoding"
		Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
		Header set Access-Control-Max-Age: 60 
                Header unset X-Frame-Options

</Location>

Could you please help on this.

Thanks & Regards,

Sailaja.