Preflight request. What is it?
Thread ๐งต๐
Thread ๐งต๐
A preflight request is an HTTP request sent by a browser that checks to see if the CORS (Cross-Origin Resource Sharing) protocol is allowed by the server before making the actual request.
A preflight request contains the following information:
Origin: indicates the origin of the request (server name)
Access-Control-Request-Method: which HTTP methods will be used
Access-Control-Request-Headers: keys that will be in the headers
Origin: indicates the origin of the request (server name)
Access-Control-Request-Method: which HTTP methods will be used
Access-Control-Request-Headers: keys that will be in the headers
Here is an example:
OPTIONS /resource/update (this is a sample URL)
Origin: https://exampleurl. com
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: origin, x-requested-with
OPTIONS /resource/update (this is a sample URL)
Origin: https://exampleurl. com
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: origin, x-requested-with
The response from the server may look like this:
HTTP/1.1 204 No Content
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, DELETE, POST, GET, OPTIONS, PUT, PATCH
HTTP/1.1 204 No Content
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, DELETE, POST, GET, OPTIONS, PUT, PATCH
In the example above, the "*" means the server accepts all origins (domains).
Access-Control-Allow-Methods contains the list of all allowed methods accepted by the server.
Access-Control-Allow-Methods contains the list of all allowed methods accepted by the server.
The response status code is also essential.
The browser can move on to perform the actual request if the server returns a status code of 2xx.
The browser can move on to perform the actual request if the server returns a status code of 2xx.
Thanks for reading!
Follow us @Rapid_API for more exclusive content. ๐๐
Follow us @Rapid_API for more exclusive content. ๐๐
Loading suggestions...