Really confused with this error.
I am using Web Api and OAuth for user authentication. The first request to the site is a user register POST request which executes correctly.
The second request I send is the PUT request with user credentials to activate user, for which the preflight request returns OK but the actual PUT request returns 405 Method not Allowed and No Access-Control-Allow-Origin header is present error.
Everything works fine before hosting. This error occurs only in hosted API. I also checked the hosted client with localhost:portNo/api (i.e. ran api in local host and accessed it from hosted client app) and it works fine. Error occurs only in hosted application.
Preflight request is as follows:
Request URL: api.oorvalam.com/user/activate
Request Method:OPTIONS
Status Code:200 OK
The preflight response is as follows:
Accept:/
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8,ta;q=0.6
Access-Control-Request-Headers:content-type, userlanguage
Access-Control-Request-Method:PUT
Cache-Control:no-cache
Connection:keep-alive
Host:api.oorvalam.com
Origin:http://web.oorvalam.com
Pragma:no-cache
Referer:web.oorvalam.com/setPassword
The actual request:
Request URL:api.oorvalam.com/user/activate
Request Method:PUT
Status Code:405 Method Not Allowed
The actual response is as follows:
Allow:GET, HEAD, OPTIONS, TRACE
Cache-Control:private
Content-Length:5293
Content-Type:text/html; charset=utf-8
Date:Mon, 19 Sep 2016 13:30:09 GMT
Server:Microsoft-IIS/8.5
X-Powered-By:ASP.NET
X-Powered-By-Plesk:PleskWin
FYI: The client is made with angular. Also removed some links http as stackoverflow isn't allowing me to.
Please let me know if there is anything I missed regarding CORS. And elaborate on why it is working in local and not working in Hosted api.
