Skip to content
This repository has been archived by the owner on Dec 20, 2020. It is now read-only.

qwest.get but OPTIONS method sent #90

Closed
ydeshayes opened this issue Nov 25, 2015 · 7 comments
Closed

qwest.get but OPTIONS method sent #90

ydeshayes opened this issue Nov 25, 2015 · 7 comments

Comments

@ydeshayes
Copy link

Hello,

I call

qwest.get('https://myUrl')
.then(function(xhr, response) {
    alert(response);
});

but when I look at the request I got this:

Remote Address:127.0.0.1
Request URL:https://myUrl
Request Method:OPTIONS
Status Code:200 OK

I'm on chrome 46.0.2490.86 (64-bit) on macOS

Do you know some similar issues with your lib ?

Thanks

@pyrsmk
Copy link
Owner

pyrsmk commented Nov 25, 2015

Really weird... Qwest by itself does not know what an OPTIONS request method is. So I assume it's a bug in your code somewhere, or in Chrome for Mac.

@ydeshayes
Copy link
Author

I will look much deeper. But I've got the same behavior on firefox.

Stock XHR request work fine:

var oReq = new XMLHttpRequest();
oReq.open("get", "https://myUrl", true);
oReq.send();

Thanks for your help

@ydeshayes
Copy link
Author

Catch the problem:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS

So it's not the lib.
Thanks

@pyrsmk
Copy link
Owner

pyrsmk commented Nov 25, 2015

Good to know ;)

@vpatil
Copy link

vpatil commented Nov 30, 2015

I'm running into the same issue (and in my case, it's generating a 403). Like @ydeshayes, a stock XHR request works fine, but a qwest.get fails.

I think what's happening is that the Cache-Control header being added by default is not a "simple request header", and so triggers preflighting.

From the spec (http://www.w3.org/TR/cors/):

A header is said to be a simple header if the header field name is an ASCII case-insensitive match for Accept, Accept-Language, or Content-Language or if it is an ASCII case-insensitive match for Content-Type and the header field value media type (excluding parameters) is an ASCII case-insensitive match for application/x-www-form-urlencoded, multipart/form-data, or text/plain.

Setting { cache:true } in my qwest.get call appears to work around the problem, since it prevents Cache-Control from being added.

@pyrsmk
Copy link
Owner

pyrsmk commented Nov 30, 2015

Thanks a lot for the explanations! I'll put a note on CORS in the docs ;)

@pyrsmk
Copy link
Owner

pyrsmk commented Jan 5, 2016

@vpatil : I was thinking of your last comment. With cache set to true, you always have the same body returned? That's a big issue if we don't want cache with CORS.

If somebody is running into this issue, try to set Cache-Control to an empty string in the headers param of qwest. If the problem persists, please reopen!

This was referenced Jan 5, 2016
@cdll cdll mentioned this issue May 30, 2016
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants