3

Basically I am using a POST method but it automatically gets converted to OPTIONS method. I know browser does this but also read that it is fine and should get response as 201, but in my case it is not behaving as expected, I have also tried Access-Control-Allow-Methods in request headers but didn't get anything.

This is what my Request looks like:

OPTIONS http://xyz/abc
Accept: application/json
Content-Type: application/json

Response:

405, Method Not Allowed
Access-Control-Allow-Origin: *
Date: Tue, 05 May 2015 06:15:19 GMT
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: authorization, content-type
Content-Length: 0
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, HEAD

Can anyone tell me the cause of this issue and what could be the exact reason for the same after having enough research everything looks fine at my end. Thanks in advance.

Divya MV
  • 2,021
  • 3
  • 31
  • 55
Suraj Khurana
  • 392
  • 3
  • 14
  • whats your OPTIONS response. isn't it 201? – Divya MV May 05 '15 at 06:36
  • is it a cross domain request ? – Kalhan.Toress May 05 '15 at 06:37
  • OPTIONS Response is 405 as ou can see, I think is might be a cross domain issue, not sure. – Suraj Khurana May 05 '15 at 06:37
  • 2
    Search for CORS preflight request – Paul Samsotha May 05 '15 at 06:47
  • Well that response is saying that your server is not configured to allow OPTIONS. You haven't said anything about your server setup, so it's hard to say anything further. To get help, you'll need to update the question to indicate what server framework you are using, etc. – WW. May 05 '15 at 06:48
  • Well, actually your POST method isn't really convert into a OPTIONS method. OPTIONS method are a preflight request. If your CORS can't handle it, the POST request will never being send. You just have to handle this kind of method in your CORS filter or whatever you use to handle it – Pierre-Alexandre Moller May 05 '15 at 06:49
  • 1
    possible duplicate of [AJAX in Chrome sending OPTIONS instead of GET/POST/PUT/DELETE?](http://stackoverflow.com/questions/21783079/ajax-in-chrome-sending-options-instead-of-get-post-put-delete) – Quentin May 05 '15 at 06:56
  • http://stackoverflow.com/a/14909140/4260544 – Divya MV May 05 '15 at 07:40

1 Answers1

2

You are probably seeing pre-flight check during a POST-request in cross-origin resource sharing. I don't know how your webserver needs to be setup to support this, but this Wikipedia article might be a first help: http://en.wikipedia.org/wiki/Cross-origin_resource_sharing

The easiest solution is to do the POST request on the same origin as the where you are loading the web-page from. A reverse proxy might be a reasonable solution.

Bernte
  • 21
  • 1