API versioning with header doesn't work for APIs with CORS policies.
We have enabled versioning of APIs using a header 'api-verion'.
We also have enabled CORS policies on the API.
The problem that we have is when a CORS pre-flight request (OPTIONS) is sent to API by browser the required
api-Version header is not present and thus a 404 is returned from API-M and we receive a CORS Failure in the browser.
Same on my apim.
The only way to correct it is to apply Cors on the "ALL Api policy" but then it will crush any cors policy on operations or api scope.
We have the same issue.