Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Why is this simple CORS request doing a pre-flight options check

Tags:

javascript

angularjs

cors

asp.net-web-api

I'm issuing a simple CORS request, to a cross-origin resource. I assumed as it is a POST request, with a parameter, it would classify as a simple CORS request, and therefore not need a pre-flight call. But it looks to not be the case.

Also, Unfortunately because I am using .NET Web API, any simple data-type has to be passed on the query string in a Post request.

Using angular $http for post.

OPTIONS:

Request URL:http://api.local.foundation.com/account/LoginAutomatically?key=null
Request Method:OPTIONS
Status Code:200 OK
Request Headersview source
Accept:*/*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:accept, content-type
Access-Control-Request-Method:POST
Cache-Control:no-cache
Connection:keep-alive
Host:api.local.foundation.com
Origin:http://www.local.foundation.com
Pragma:no-cache
Referer:http://www.local.foundation.com/
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Query String Parametersview sourceview URL encoded
key:null

POST:

Request URL:http://api.local.foundation.com/account/LoginAutomatically?key=null
Request Method:POST
Status Code:200 OK
Request Headersview source
Accept:application/json, text/plain, */*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Cache-Control:no-cache
Connection:keep-alive
Content-Length:0
Content-Type:application/json;charset=utf-8
Host:api.local.foundation.com
Origin:http://www.local.foundation.com
Pragma:no-cache
Referer:http://www.local.foundation.com/
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Query String Parametersview sourceview URL encoded
key:null
like image 685
williamsandonz Avatar asked Jan 03 '14 21:01

williamsandonz

1 Answers

Your CORS request is preflighted due to the Content-Type of your request. "application/json" makes your request a "non-simple" CORS request, thus it is preflighted. If the Content-Type of your request was, say, "text/plain", it would not be preflighted in this case.

like image 136
Ray Nicholus Avatar answered Oct 11 '22 00:10

Ray Nicholus
Sign in to Comment

Related questions

Facebook Graph not returning email
AngularJS: Dependency Management
Multiple Build Folders (multiple clients, mulitask, multiple targets) using Grunt (Yeoman)
AngularJS: How to transclude multiple directives?
overlaying text boxes on an image in specific positions
Web Speech API Custom Words
Stop Event bubbling for a disabled element
Trouble with RequireJS optimizer config, bbb release
Why does the value of "this" changes.?
How can I call a model instance method in lifecycle callback in Sails/Waterline?
Opencart Filters add onclick event to replace the submit button
Does Capybara require sleep to work?
jQuery div that follows cursor movement only within another div
How to conditionally compile (using Grunt) only changed jade files with template includes
Ember.js: how to model this example?
JavaScript test on V8
PhantomJS - Upload a file without submitting a form
What is the most efficient way to implement GroupBy in Javascript?
Undefined model prototype in Backbone Collection and Marionette CompositeView
After clicking on selected text, window selection is not giving updated range

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!