Join Private Q&A
Setup a private space for you and your coworkers to ask questions and share information.
Learn more about Teams
I have followed this step to setup my server to enable CORS.
https://docs.microsoft.com/en-us/aspnet/web-api/overview/security/enabling-cross-origin-requests-in-web-api
But now in my browser dev console, I see this error message:
XMLHttpRequest cannot load
https://serveraddress/abc
. Response for
preflight is invalid (redirect)
Do you know what can I do to fix it? I am making a CORS request in HTTPS. I think that is causing the 'preflight is invalid (redirect)' failure. But I don't know why or what is redirecting the OPTIONS request.
Thank you.
Your code is triggering your browser to send a
CORS preflight
OPTIONS
request
, and the server’s responding with a
3xx
redirect. It needs to respond with a
2xx
success message instead.
You may be able to adjust your code to avoid triggering the browser to send the
OPTIONS
request.
As far as what all’s going on in this case, it’s important to know that browsers do a CORS preflight if:
the request method is anything other than
GET
,
HEAD
, or
POST
you’ve set custom request headers other than
Accept
,
Accept-Language
,
Content-Language
,
Content-Type
,
DPR
,
Downlink
,
Save-Data
,
Viewport-Width
, or
Width
the
Content-Type
request header has a value other than
application/x-www-form-urlencoded
,
multipart/form-data
, or
text/plain
If you can’t change your code to avoid need for browsers to do a preflight, then another option is:
Examine the URL in the
Location
response header in the response to the
OPTIONS
request.
Change your code to make the request to that other URL directly instead.
The difference between the URLs might be something as simple as a trailing slash in the path — for example, you may need to change the URL in your code to
http://localhost/api/auth/login/
(notice the trailing slash) rather than
http://localhost/api/auth/login
(no trailing slash).
You can use the Network pane in browser devtools to examine the response to the
OPTIONS
request and to find the redirect URL in the value of the
Location
response header.
–
Thanks for contributing an answer to Stack Overflow!
-
Please be sure to
answer the question
. Provide details and share your research!
But
avoid
…
-
Asking for help, clarification, or responding to other answers.
-
Making statements based on opinion; back them up with references or personal experience.
To learn more, see our
tips on writing great answers
.
site design / logo © 2019 Stack Exchange Inc; user contributions licensed under
cc by-sa 3.0
with
attribution required
.
rev 2019.7.22.34392