See also
Applications often use web services to perform certain tasks or retrieve information from the server without changing or reloading pages; these requests are made via JavaScript (they will add the header X-Requested-With: XMLHttpRequest) and usually in JSON or XML formats, with a Content-Type header with the value application/json or application/xml. When this happens, and we try to make a cross-site/domain request, the browser will perform what is called a preflight check, which means that before the intended request, the browser will send an OPTIONS request to verify what methods and content types the server allows being requested from cross origins (domains other than the one the application belongs to).
The preflight check can ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access