5
My question is, whenever I make a request before it is actually sent a Options request, I wonder what it’s for exactly. What impact can I have by removing this request both on performance(internet) and on security issues. How do I only send the request without this Options before ?
Requisition Options:
Requisition I really want:
5
Angular respects the behavior specification in the case of HTTP requests for cross source resources (English CORS, or Cross-Origin Resource Sharing).
One of these specifications determines the need for an initial request (preflight) that informs the availability, or not, of resources: This is the OPTIONS request.
A typical return of an OPTIONS request looks like the following excerpt:
HTTP/1.1 200 OK
Date: Mon, 01 Dec 2008 01:15:39 GMT
Server: Apache/2.0.61 (Unix)
Access-Control-Allow-Origin: http://foo.example
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER, Content-Type
Access-Control-Max-Age: 86400
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Content-Length: 0
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/plain
The header Access-Control-Allow-Origin indicates one or more accepted source domains.
The header Access-Control-Allow-Methods informs possible verbs. In the above example it is not possible to use PATCH and DELETE, for example.
A list of acceptable headers can be provided via Access-Control-Allow-Headers.
1
Hello. The HTTP OPTIONS method is used so that a client can find out what request options are allowed for a given resource on a server. The client can specify a specific URL in the OPTIONS method or an asterisk(*) indicating that it refers to the server as a whole to resolve its doubts regarding the allowed request options.
Browser other questions tagged javascript angularjs ajax html5 node.js
You are not signed in. Login or sign up in order to post.
I’ve had this problem a few times. I fixed it in my case by adding headers as content-type in the request. It might work for you...
– DiegoSantos