CORS issue with HTTP 2.0
We have a PHP(Laravel 5.2) web app hosted in Apache(CentOS) that acts as a web service for another web app, Website in Angular and admin panel in React
End Points
https://api.mydomian.com/api_name : Web Server URL
https://admin.mydomain.com : Admin Panel URL
https://mydomianname,com : Website URL
It has been running on HTTP 2.0
We have been experiencing CORS errors since the last few weeks without making any changes that can raise any security issues.
The issue does not always happen, sometimes it works after we refresh Chrome. But sometimes it occurs on other resource files, like css or js.
Following headers are set in the backend code
Access-Control-Allow-Origin’, “*”
Access-Control-Allow-Methods’, ‘GET, POST, PUT, DELETE, OPTIONS’
Access-Control-Allow-Headers’, ‘X-Requested-With, Content-Type, X-Token-Auth, Authorization
When we downgrade HTTP 2.0 to HTTP 1.0 It works fine & and we noticed when we downgrade the browser version it works with HTTP 2.0 as well
Experiencing this issue in all the Browsers(Chrome, Firefox, Safari)