Browser sending 'OPTIONS' request instead of GET/POST in Angular 4

Question

Browser is sending OPTIONS instead of GET/POST request in API Request to cross domain. I'm using Laravel 5.4 for backend and for frontend I'm using Angular 4

I've added Cors in routeMiddleware:

return $next($request)
       ->header('Access-Control-Allow-Origin', '*')
       ->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');

api.php (routes):

Route::group(['middleware' => ['cors']], function(){
    Route::post('login', 'ApiController@login');
    Route::post('register', 'ApiController@register');
    Route::post('userInfo', 'ApiController@get_user_details');
});

What could be the possible solution?

score 3 · Answer 1 · answered Jul 03 '17 at 09:42

Browser is always sending OPTIONS request, This is actually a preflight request which is security measurement. When server understands this request and responds with 200 code, browser sends actual request (with real method GET, POST,...) to a server.

Your server needs to understand how to reply on preflight requests (requests with OPTIONS method).

Here you can find how can this be achieved in nodeJS server

module.exports = function(req, res, next) {
  res.header("Access-Control-Allow-Origin", "*");
  res.header("Access-Control-Allow-Headers", "*");
  res.header("Access-Control-Allow-Methods", "GET, POST", "PUT", "DELETE");

  next();
};

that is if you could edit the server's response to send a suitable CORS response, but many servers you would not have that opportunity - so what would you do in that case - say you were using an angular front end - which is similar to the ques — user1561783, May 16 '21 at 18:54

Browser sending 'OPTIONS' request instead of GET/POST in Angular 4

1 Answers1