Angular respects the behavior specification in the case of HTTP requests for cross source resources (English CORS, or Cross-Origin Resource Sharing).
One of these specifications determines the need for an initial request (preflight) that informs the availability, or not, of resources: This is the OPTIONS request.
A typical return of an OPTIONS request looks like the following excerpt:
HTTP/1.1 200 OK
Date: Mon, 01 Dec 2008 01:15:39 GMT
Server: Apache/2.0.61 (Unix)
Access-Control-Allow-Origin: http://foo.example
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER, Content-Type
Access-Control-Max-Age: 86400
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Content-Length: 0
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/plain
The header Access-Control-Allow-Origin
indicates one or more accepted source domains.
The header Access-Control-Allow-Methods
informs possible verbs. In the above example it is not possible to use PATCH and DELETE, for example.
A list of acceptable headers can be provided via Access-Control-Allow-Headers
.
I’ve had this problem a few times. I fixed it in my case by adding headers as content-type in the request. It might work for you...
– DiegoSantos