When creating routes with the CLI, you can add the --cors flag to add permissive CORS.

Under the hood, this uses the Kong cors plugin to add permissive CORS rules to the underlying service.


To create a dummy route, we can run:

# Make options request to target URL, see no CORS headers

# Add routes with and without cors
scwgw route add /cors $TARGET_URL --cors
scwgw route add /no-cors $TARGET_URL

# List routes to see that it's been configured
scwgw route ls

# Curl the routes with and without CORS to see the difference in headers
GATEWAY_ENDPOINT=$(scwgw infra endpoint)
curl -X OPTIONS -I https://${GATEWAY_ENDPOINT}/cors
curl -X OPTIONS -I https://${GATEWAY_ENDPOINT}/no-cors