Add CORS headers to catchAll Error response

proxies/sandbox/apiproxy/proxies/default.xml

@@ -2,48 +2,48 @@
 <ProxyEndpoint name="default">
   <Flows>
     <Flow name="AddPayloadToPing">
-        <Description/>
-        <Request/>
-        <Response>
-            <Step>
-                <Name>AssignMessage.AddPayloadToPing</Name>
-            </Step>
-        </Response>
-        <Condition>(proxy.pathsuffix MatchesPath "/_ping") and ((request.verb = "GET") or (request.verb = "HEAD"))</Condition>
+      <Description/>
+      <Request/>
+      <Response>
+        <Step>
+          <Name>AssignMessage.AddPayloadToPing</Name>
+        </Step>
+      </Response>
+      <Condition>(proxy.pathsuffix MatchesPath "/_ping") and ((request.verb = "GET") or (request.verb = "HEAD"))</Condition>
     </Flow>
     <Flow name="StatusEndpoint">
-        <Request>
-            <Step>
-                <Condition>request.header.apikey = null or private.common.status-endpoint-api-key != request.header.apikey</Condition>
-                <Name>RaiseFault.401Unauthorized</Name>
-            </Step>
-            <Step>
-                <Name>ServiceCallout.CallHealthcheckEndpoint</Name>
-            </Step>
-        </Request>
-        <Response>
-            <Step>
-                <Name>javascript.SetStatusResponse</Name>
-            </Step>
-        </Response>
-        <Condition>(proxy.pathsuffix MatchesPath "/_status") and ((request.verb = "GET") or (request.verb = "HEAD"))</Condition>
+      <Request>
+        <Step>
+          <Condition>request.header.apikey = null or private.common.status-endpoint-api-key != request.header.apikey</Condition>
+          <Name>RaiseFault.401Unauthorized</Name>
+        </Step>
+        <Step>
+          <Name>ServiceCallout.CallHealthcheckEndpoint</Name>
+        </Step>
+      </Request>
+      <Response>
+        <Step>
+          <Name>javascript.SetStatusResponse</Name>
+        </Step>
+      </Response>
+      <Condition>(proxy.pathsuffix MatchesPath "/_status") and ((request.verb = "GET") or (request.verb = "HEAD"))</Condition>
     </Flow>
     <Flow name="Raise400ForMissingODSHeader">
-        <Request>
-            <Step>
-                <Name>RaiseFault.400BadRequest</Name>
-                <Message>Missing Header: NHSD-End-User-Organisation-ODS</Message>
-            </Step>
-        </Request>
-        <Condition>request.verb != "OPTIONS" and (request.header.NHSD-End-User-Organisation-ODS = null or request.header.NHSD-End-User-Organisation-ODS = "")</Condition>
+      <Request>
+        <Step>
+          <Name>RaiseFault.400BadRequest</Name>
+          <Message>Missing Header: NHSD-End-User-Organisation-ODS</Message>
+        </Step>
+      </Request>
+      <Condition>request.verb != "OPTIONS" and (request.header.NHSD-End-User-Organisation-ODS = null or request.header.NHSD-End-User-Organisation-ODS = "")</Condition>
     </Flow>
     <Flow name="CorsHeaders">
-        <!-- This must be the last item in the flow -->
-        <Response>
-            <Step>
-                <Name>AssignMessage.AddCors</Name>
-            </Step>
-        </Response>
+      <!-- This must be the last item in the flow -->
+      <Response>
+        <Step>
+          <Name>AssignMessage.AddCors</Name>
+        </Step>
+      </Response>
     </Flow>
   </Flows>
   <PreFlow>