"cross-origin requests that require preflight" - Cors apache configuration

1.8k views Asked by At

I wrote in my httpd.conf about Apache these lines:

<IfModule mod_headers.c>
    Header always set Access-Control-Allow-Origin: *
    Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
    Header always set Access-Control-Max-Age "1000"
    Header always set Access-Control-Allow-Headers "X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding"
</IfModule>

In the console of browser I have this error:

XMLHttpRequest cannot load '...'. The request was redirected to '...', which is disallowed for cross-origin requests that require preflight.

I I see the request in the network, The response Header is correct.

What I am wrong?

1

There are 1 answers

0
khornberg On

According to this answer Apache is doing the correct thing. The other answers there may help as well.

You can return a 200 for preflighted requests; that is return a 200 for OPTIONS requests before the redirect with the necessary headers.