Sending allowed methods if not requested a specific ones

[LuisEGR]

When sending an Angular http PUT request, there is not header automatically added access-control-request-methods, and since this is not requesting an specific method, the header access-control-allow-methods is not populated causing a CORS error (Method PUT is not allowed by Access-Control-Allow-Methods in preflight response), so to fix this, in case there is not method requested, all the allowed methods are added as access-control-allow-methods, this fixes this problem.

[keroxp]

@LuisEGR Sorry, I don't fully understand what you described.

When sending an Angular http PUT request, there is not header automatically added access-control-request-methods,

Do you mean Angular JS doesn't send preflight request before sending PUT request? Really? Isn't it purely CORS violation?

[LuisEGR]

@LuisEGR Sorry, I don't fully understand what you described.

When sending an Angular http PUT request, there is not header automatically added access-control-request-methods,

Do you mean Angular JS doesn't send preflight request before sending PUT request? Really? Isn't it purely CORS violation?

I've just took a deeper look and it does send the pre-flight request correctly, the error itself is the header name, it should be singular access-control-request-method, I've just modified the pull request to reflect that, it works now.

OPTIONS /response/set HTTP/1.1
Host: localhost:8899
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:88.0) Gecko/20100101 Firefox/88.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type,oaid
Referer: http://localhost:4200/
Origin: http://localhost:4200
Connection: keep-alive

[keroxp]

the error itself is the header name

@LuisEGR Oh, I missed it! 😫