10

I've written a RESTful API using ASP.NET Web Api. Now I'm trying to make it returns the allowed verbs for a controller. I'm trying to do it with the following code:

[AcceptVerbs("OPTIONS")]
public HttpResponseMessage Options()
{
    var response = new HttpResponseMessage(HttpStatusCode.OK);
    response.Headers.Add("Access-Control-Allow-Origin", "*");
    response.Headers.Add("Access-Control-Allow-Methods", "POST");
    response.Headers.Add("Allow", "POST");

    return response;
}

But instead of getting a Allow Header on my response, I'm getting a 500 Internal Server Error. While debugging I receive the following error:

{"Misused header name. Make sure request headers are used with HttpRequestMessage, response headers with HttpResponseMessage, and content headers with HttpContent objects."}

Is that possible to set that header?

Glauco Vinicius
  • 2,527
  • 3
  • 24
  • 37

2 Answers2

14

As the error message says, you must use content headers with HttpContent objects. 

response.Content.Headers.Add("Allow", "POST");

Must admit this is kinda weird API...

Esailija
  • 138,174
  • 23
  • 272
  • 326
  • Yes, very weird! Thanks for sharing the answer! – Glauco Vinicius Jan 11 '13 at 21:31
  • Yeah. It was considered a payload header in 2616 because apparently you could send it along with a PUT to actually change what methods were allowed. Httpbis has changed it to be a response header, but it's too late for WebAPI! – Darrel Miller Jan 12 '13 at 00:28
  • This API just doesn't know what it is doing. I'm struck with a custom header from a vendor and it does not allow me to add the f***ing header. I guess I'd have to write a socket to get it working :| – Herberth Amaral Jan 10 '15 at 04:25
  • 1
    If response.Content is null, add `response.Content = new StringContent("")` – Doug Domeny Jun 09 '17 at 15:13
3

Allow is a content header.

        response.Content.Headers.Allow.Add("POST");
Filip W
  • 27,097
  • 6
  • 95
  • 82