CORS filter not sending headers

I’m trying to use the CORS filter to enable my angular front end to communicate with my yii2 backend api. When angular makes the request, I get an error that the Access-Control-Allow-Origin header is not present. I’m assuming I’m doing something wrong, but I don’t know what the deal is.

Here’s part of the controller:


class SaleDataController extends ActiveController

{

    public $modelClass = 'api\modules\v1\models\SaleData';


    public function behaviors()

    {


    	$behaviors = ArrayHelper::merge(

    		[

	            'corsFilter' => [

	                'class' =>Cors::className(),

	        	],

	        ],

	        parent::behaviors()

	    );


        // $behaviors['authenticator'] = [

        //     'class' => HttpBearerAuth::className(),

        //     'except' => ['sample-data'],

        //  ];


        return $behaviors;

    }


    public function actionTestMe()

    {

    	return "FIORSTR";

    }

Here’s the url manager config:


'urlManager' => [

            'enablePrettyUrl' => true,

            'enableStrictParsing' => true,

            'showScriptName' => false,

            'rules' => [

                [

                    'class' => 'yii\rest\UrlRule',

                    'controller' => 'v1/sale-data',

                    'patterns' => [

                        'GET,HEAD' => 'index',

                        'GET,OPTIONS test-me' => 'test-me',

                    ],

                    'pluralize' => false,


                ],

            ],

        ]

Here are the headers from Postman:




Access-Control-Expose-Headers →

Connection → Keep-Alive

Content-Length → 9

Content-Type → application/json; charset=UTF-8

Date → Fri, 13 Mar 2015 17:24:03 GMT

Keep-Alive → timeout=5, max=100

Server → Apache/2.2.22 (Ubuntu)

X-Powered-By → PHP/5.4.35-1+deb.sury.org~precise+1



Anyone see what I’m doing wrong, or have any thoughts?

Thanks

Update:

I can do this and the header is present and my request works. I’d rather not do that though. Is this a bug with the CORS filter?

Not sure what changed, but it started working. I don’t know if something was cached somewhere within the server, or within the angular app, or something else entirely, but it just magically started sending the headers over…