Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Access-Control-Allow-Methods is response header #33660

Closed
bravequickcleverfibreyarn opened this issue Sep 19, 2024 · 1 comment · Fixed by #33673
Closed

Access-Control-Allow-Methods is response header #33660

bravequickcleverfibreyarn opened this issue Sep 19, 2024 · 1 comment · Fixed by #33673
Assignees
@tdykstra
Labels
aspnet-core/svc doc-bug okr-health Content health internal initiative security/subsvc seQUESTered Identifies that an issue has been imported into Quest. Source - Docs.ms Docs Customer feedback via GitHub Issue

Comments

@bravequickcleverfibreyarn
Copy link
Contributor

bravequickcleverfibreyarn commented Sep 19, 2024
edited by sequestor bot
Loading

Description

From https://learn.microsoft.com/en-us/aspnet/core/security/cors?view=aspnetcore-8.0#preflight-requests

The preflight request uses the HTTP OPTIONS method. It may include the following headers:

From https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods

The Access-Control-Allow-Methods response header specifies one or more methods allowed when accessing a resource in response to a preflight request.

Access-Control-Allow-Methods does not participate in any request including CORS preflight.

Page URL

https://learn.microsoft.com/en-us/aspnet/core/security/cors?view=aspnetcore-8.0#ecors6

Content source URL

https://github.com/dotnet/AspNetCore.Docs/blob/main/aspnetcore/security/cors.md

Document ID

d3f332c4-4c60-039e-0e1e-bc6b11831f87

Article author

@tdykstra

Associated WorkItem - 317475
tdykstra added a commit that referenced this issue Sep 21, 2024
@tdykstra
Remove Access-Control-Allow-Methods from request header list
47dfd29 
Fixes #33660 
Access-Control-Allow-Methods is a response header, not a request header
@tdykstra tdykstra mentioned this issue Sep 21, 2024
Merged
@tdykstra tdykstra self-assigned this Sep 21, 2024
@tdykstra tdykstra added doc-bug reQUEST Triggers an issue to be imported into Quest okr-health Content health internal initiative and removed ⌚ Not Triaged labels Sep 21, 2024
@tdykstra
Copy link
Contributor

@bravequickcleverfibreyarn Thanks for reporting this.

Rick-Anderson pushed a commit that referenced this issue Sep 21, 2024
@tdykstra
Remove Access-Control-Allow-Methods from request header list (#33673)
573b59b 
Fixes #33660 
Access-Control-Allow-Methods is a response header, not a request header
@sequestor sequestor bot added seQUESTered Identifies that an issue has been imported into Quest. and removed reQUEST Triggers an issue to be imported into Quest labels Sep 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tdykstra tdykstra

Labels
aspnet-core/svc doc-bug okr-health Content health internal initiative security/subsvc seQUESTered Identifies that an issue has been imported into Quest. Source - Docs.ms Docs Customer feedback via GitHub Issue
Projects
dotnet/AspNetCore.Docs September 2024 sprint
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Remove Access-Control-Allow-Methods from request header list dotnet/AspNetCore.Docs
3 participants
@tdykstra @dotnet-bot @bravequickcleverfibreyarn