You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For cross-origin requests the browser usually sends a preflight OPTIONS request. This request usually asks "Can I use method POST for this resource?" among other questions, by specifying a Access-Control-Request-Headers: POST.
The server will then respond with Access-Control-Allow-Methods: GET, POST allowing the method.
With axios, sending a patch request creates a Access-Control-Request-Headers: patch request, and if the server responds with Access-Control-Allow-Methods: PATCH, the created XmlHttpRequest does not send an uppercase PATCH verb, but sends a lowercase one, and the browser decides to disallow the request.
This occurs only with PATCH. The reason for this is unclear, but on Chrome 39 on Firefox 33 it seems that all verbs are auto-corrected to uppercase with the exception of PATCH.
Why is this an issue? Because according to the spec, HTTP verbs are case-sensitive, and should be uppercase by default.
The Method token indicates the method to be performed on the resource identified by the Request-URI. The method is case-sensitive. [list of HTTP methods, GET, POST ...]
Thus, the culprit is in fact both in axios and browsers: because browsers tend to uppercase the preflight verbs (but patch seems to be omitted, I have not tested other verbs), and axios sends a lowercase method parameter here.
I think the simplest fix would just be to set the line to method: method.toUpperCase(). This fixed it for me.
The text was updated successfully, but these errors were encountered:
For cross-origin requests the browser usually sends a preflight OPTIONS request. This request usually asks "Can I use method POST for this resource?" among other questions, by specifying a
Access-Control-Request-Headers: POST
.The server will then respond with
Access-Control-Allow-Methods: GET, POST
allowing the method.With axios, sending a patch request creates a
Access-Control-Request-Headers: patch
request, and if the server responds withAccess-Control-Allow-Methods: PATCH
, the created XmlHttpRequest does not send an uppercasePATCH
verb, but sends a lowercase one, and the browser decides to disallow the request.This occurs only with PATCH. The reason for this is unclear, but on Chrome 39 on Firefox 33 it seems that all verbs are auto-corrected to uppercase with the exception of PATCH.
Why is this an issue? Because according to the spec, HTTP verbs are case-sensitive, and should be uppercase by default.
http://www.ietf.org/rfc/rfc2616.txt
Thus, the culprit is in fact both in axios and browsers: because browsers tend to uppercase the preflight verbs (but patch seems to be omitted, I have not tested other verbs), and axios sends a lowercase method parameter here.
I think the simplest fix would just be to set the line to
method: method.toUpperCase()
. This fixed it for me.The text was updated successfully, but these errors were encountered: