Menu
I am using jersey as my restful api implementation. In the front end, I am using angularjs $http service to make http request. When I request a delete method I always got below error.
"Method DELETE is not allowed by Access-Control-Allow-Methods in preflight response."
I read some articles and they say I need to allow delete on "Access-Control-Allow-Methods". I have setup the response filter as below but it still has such problem. What else should I do?
@Provider
public class CORSResponseFilter implements ContainerResponseFilter {
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException {
MultivaluedMap<String, Object> headers = responseContext.getHeaders();
headers.add("Access-Control-Allow-Origin", "*");
headers.add("Access-Control-Allow-Methods", "*");
}
}
below is my angular code to make the request:
$http({
method: 'DELETE',
url: remoteUrl,
headers : {'Content-Type': 'application/x-www-form-urlencoded;charset=utf-8',
'ACCESS_TOKEN' : $cookieStore.get("access_token")
},
data : $httpParamSerializer({
'id':id
})
}).success(function(data,status,headers,config) {
$scope.refreshDepartments();
console.log(data);
alert("success");
}).error(function(data,status,headers,config){
console.log(data);
alert("error");
});
507
After some testing, I found the solution. I put the allow method on the header as below, then it works. I don't know why "*" doesn't work.
headers.add("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PUT, DELETE");
The value " * " only counts as a special wildcard value for requests without credentials (requests without HTTP cookies or HTTP authentication information). In requests with credentials, it is treated as the literal method name "*" without special semantics.
Source : https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods
3
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
