0

Javascript fetch function sends OPTIONS instead of POST. I test from localhost.

  function getTokenAction() {
            fetch(full_url, {
                method: 'POST',
                body: queryString,
                headers: {
                    'Access-Control-Allow-Methods': 'POST, GET, PUT, DELETE, OPTIONS',
                    'Access-Control-Allow-Origin': '*',
                    'Access-Control-Allow-Headers': 'origin, x-requested-with, content-type',
                    'Accept': 'application/json',
                   // 'Content-Type': 'application/x-www-form-urlencoded;charset=UTF-8'
                    'Content-Type': 'application/json;charset=UTF-8'
                }
            }).then(function (response) {
                console.log(response.statusText);
            }).catch(function (error) {

                console.log(error);
            });

I could make it work using JQuery. But fetch function still doesn't work.

 function  getTokenJquery() {
        let settings = {
            "async": true,
            "crossDomain": true,
            "url": full_url,
            "method": "POST",
            "headers": {
                "content-type": "application/x-www-form-urlencoded",
                "accept": "application/json"
            },
            "data": {
                client_id: 'd5eecb6e23eadb3175c5cb51b2dfec1f74850c19',
                client_secret: 'eff5fc8c1d57f69130d780cfa032aa30be0fb7f2',
                grant_type: 'client_credentials'
            }
        }

        $.ajax(settings).done(function (response) {
            console.log(response);
        });
Dima Belkin
  • 11
  • 1
  • 2
    No it doesn't - OPTIONS is sent _by the browser_ (any browser, it's universal behaviour) as a preflight check to see [whether you are even allowed to POST](https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/OPTIONS) to the url you're trying to reach. It's a sanity measure to make sure you're not wasting tons of bandwidth posting data to a route you have no access to, and your server should have OPTIONS clearance turned on (either manually, or by using the correct middleware/plugins that handling posting). So: what server are you using, and what route handling did you set up for it? – Mike 'Pomax' Kamermans Mar 13 '20 at 20:23
  • Are you having issues? Or is it just that you're seeing `OPTIONS` with your `POST` request? – goto Mar 13 '20 at 20:26
  • If you have access to the server you can probably see some error log related to this connection, like some mispelling in a PHP file. – leonardofmed Mar 13 '20 at 20:50
  • @Mike'Pomax'Kamermans It's public REST API I don't have direct access to the server. – Dima Belkin Mar 13 '20 at 21:07
  • 1
    Then it already has full CORS support, and you should read their documentation on how to properly make requests. It's a good bet they don't allow you to make unauthenticated requests from localhost (because that would be a fantastic way to take down their service by anyone who'd want to). – Mike 'Pomax' Kamermans Mar 13 '20 at 21:09
  • @goto1Yes I'm having an issue, I can't receive auth token from JavaScript code. The same code in C# in Windows console app works well and it sends POST. If OPTIONS is generated by browser what should I do with this in JavaScript? – Dima Belkin Mar 13 '20 at 21:10
  • @Mike'Pomax'Kamermans Do you mean that I can't even get auth token from localhost? – Dima Belkin Mar 13 '20 at 21:12
  • Not sure how you expect me to know? Read their API documentation, that's what it's for. I don't even know which API you're using (because you didn't tell us that in your post) – Mike 'Pomax' Kamermans Mar 13 '20 at 21:14
  • 1
    Here is what worked out for me function getTokenAction() { fetch(full_url, { method: 'POST', mode:'no-cors', body:queryString, headers: { "content-type": "application/x-www-form-urlencoded", "accept": "application/json" } }).then(function (response) { console.log(response.statusText); }).catch(function (error) { console.log(error); }); – Dima Belkin Mar 14 '20 at 08:50

0 Answers0