WebAPI DELETE - HTTP/1.1 405 Method Not Allowed

Question

I've been trying to get delete working and just can't seem to make it work!

All GET requests seem fine, but if I try and use the delete verb I get the above error.

The method itself is reachable if I make it a GET, but as soon as I add the [HttpDelete] attribute and try and set the call type it fails.

Method:

[HttpDelete]
public void Delete(int id) {
    // delete method.
}

Call:

remove: function(key) {
    $.ajax({
        url: MyApp.settings.endpoint + 'list/delete/1,
        type: "DELETE"
    });
}

It seems to hang on the OPTIONS pre request?

Request:

(Request-Line)  OPTIONS /api/list/delete/1 HTTP/1.1
Host    192.168.1.139
User-Agent  Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0
Accept  text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language en-US,en;q=0.5
Accept-Encoding gzip, deflate
Origin  null
Access-Control-Request-Method   DELETE

Response:

(Status-Line)   HTTP/1.1 405 Method Not Allowed
Cache-Control   no-cache
Pragma  no-cache
Allow   DELETE
Content-Type    application/xml; charset=utf-8
Expires -1
Server  Microsoft-IIS/7.5
X-AspNet-Version    4.0.30319
Access-Control-Allow-Origin *
Date    Mon, 05 May 2014 02:54:38 GMT
Content-Length  96

I've tried just about every imagineably web.config that has you remove WebDAV and WebDAVModule and mess with the ExtensionlessUrlHandler.

The only difference is I've also been including this to allow for cross domain. I was really hoping that it wouldn't be this hard.

<httpProtocol>
  <customHeaders>
    <clear />
    <add name="Access-Control-Allow-Origin" value="*" />
  </customHeaders>
</httpProtocol>

related? http://stackoverflow.com/questions/12313978/delete-method-net-webapi-does-not-work?rq=1 — steve cook, May 05 '14 at 03:15

score 3 · Accepted Answer · answered May 05 '14 at 03:31

Looks like you are using a cross domain call, did you add CORS support to your project?

Note that this code below is a big hammer, and you can enable selectively per controller. See the following link for more: http://www.asp.net/web-api/overview/security/enabling-cross-origin-requests-in-web-api

using System.Web.Http;
namespace WebService
{
    public static class WebApiConfig
    {
        public static void Register(HttpConfiguration config)
        {
            // New code
            var cors = new EnableCorsAttribute("www.example.com", "*", "*");
            config.EnableCors(cors);

            config.Routes.MapHttpRoute(
                name: "DefaultApi",
                routeTemplate: "api/{controller}/{id}",
                defaults: new { id = RouteParameter.Optional }
            );
        }
    }
}

score 0 · Answer 2 · answered Jun 03 '19 at 09:36

Please enable Cross-Origin Resource Sharing (CORS) at Startup.cs

services.AddCors(options =>
            {
                options.AddPolicy("CorsPolicy",
                    builder => builder.AllowAnyOrigin()
                    .AllowAnyMethod()
                    .AllowAnyHeader()
                    .AllowCredentials());
            });

More details: https://github.com/shahedbd/DotNetCoreRestAPI

WebAPI DELETE - HTTP/1.1 405 Method Not Allowed

2 Answers2