Menu
I'm trying to send a CORS POST request to an server.
In Chrome, this works as expected - OPTIONS preflight request is sent to server, server responds with access control headers, POST request is sent. When I try to do this in IE or Firefox, no referer is sent with the OPTIONS request, so I cannot add the access-control-allow-origin header (as this is done programatically).
Javascript is:
$.ajax({
url: $(this).attr('href'),
type: 'POST',
xhrFields: {
withCredentials: true,
},
contentType: 'application/json; charset=utf-8;',
data: JSON.stringify(data),
success: function (response) {
alert(response);
},
});
return false;
});
The headers in Chrome are as follows:
The headers in Firefox are as follows:
Is there a way to guarantee that the referrer will be sent with the OPTIONS preflight request? And if not - is there another way to get the referring URL so I can add the allow origin header?
900
asked Jan 29 '26 01:01
Solved this by using the Origin header that is sent along with the preflight request. So if the Origin URL is one of the acceptable hosts, add the access-control-allow-origin header with the originating url.
174
answered Jan 30 '26 13:01
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With