I wrote in my httpd.conf about Apache these lines:
<IfModule mod_headers.c>
Header always set Access-Control-Allow-Origin: *
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding"
</IfModule>
In the console of browser I have this error:
XMLHttpRequest cannot load '...'. The request was redirected to '...', which is disallowed for cross-origin requests that require preflight.
I I see the request in the network, The response Header is correct.
What I am wrong?
According to this answer Apache is doing the correct thing. The other answers there may help as well.
You can return a 200 for preflighted requests; that is return a 200 for OPTIONS requests before the redirect with the necessary headers.