I am trying to perform a cross domain request with Chrome (latest version) and a Web API action for POST is first being negotiated by chrome using the OPTIONS verb. Using jQuery 2.1, I have set$.support.cors =true and the ajax request property crossDomain: true. In my web.config i have set:
<httpProtocol><customHeaders><add name="Access-Control-Allow-Origin" value="*" /><add name="Access-Control-Allow-Headers" value="*" /><add name="Access-Control-Allow-Methods" value="GET, POST, PUT, OPTIONS" /></customHeaders></httpProtocol>
As well, I have installed the latest NuGet package from MS for the project and callconfig.EnableCors() inside the WebApiConfig.Register method.
Below is the request being sent:
OPTIONS /visitorservice/api/Visitor/PostNewSession/account/4/site/1000 HTTP/1.1 Host: mg.mycompany.com Connection: keep-alive Cache-Control: no-cache Pragma: no-cache Access-Control-Request-Method: POST Origin: http://localhost User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.117 Safari/537.36 Access-Control-Request-Headers: accept, x-mycompanyvisitor, content-type Accept: */* DNT: 1 Referer: http://localhost/test2.htm Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8
And below is the response.
HTTP/1.1 405 Method Not Allowed Cache-Control: no-cache Pragma: no-cache Allow: POST Content-Type: application/json; charset=utf-8 Expires: -1 Server: Microsoft-IIS/7.5 X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET Access-Control-Allow-Origin: * Access-Control-Allow-Headers: * Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS Date: Wed, 05 Mar 2014 15:59:38 GMT Content-Length: 76
