Response for preflight has invalid HTTP status code 400 - aspx

0
votes

I am writing both server and client using visual studio 2015. The following problem occurs in Chrome and FireFox, but works perfect in Explorer. I am doing a Rest post call using AJAX to my server, the AJAX code:

function CheckIntegrityExecution() {
    var request = ...
    var reqJson = JSON.stringify(request);
    $.ajax({
        type: "POST",
        url: "http://localhost:55857/api/post/flow",
        contentType: "application/json; charset=utf-8",
        dataType: "json",
        data: reqJson,
        success: function (jsonData) {
            ...
        },
        error: function () {
            alert("error");
        }
    });
}

Initially I was getting 405 error, and this was fixed with adding 

    var cors = new EnableCorsAttribute("http://localhost:55857", "*", "*");
    config.EnableCors(cors);

To the Register function in Global.asax:

public static void Register(HttpConfiguration config)

Now I getting the following error:

XMLHttpRequest cannot load http://localhost:55857/api/post/flow. Response for preflight has invalid HTTP status code 400

The method signature in my server is 

[Route("api/post/flow")]
public HttpResponseMessage PostCommand([FromBody] dynamic value)

And I have these configuration in my Web.config in the WebApi.

  <customHeaders>
    <add name="Access-Control-Allow-Origin" value="*" />
    <add name="Access-Control-Allow-Methods" value="OPTIONS, TRACE, GET, HEAD, POST, PUT" />
    <add name="Access-Control-Allow-Headers" value="Origin, Content-Type, Authorization, Accept, X-Requested-With" />
  </customHeaders>

I notice that if I delete 

contentType: "application/json; charset=utf-8",

from the Ajax request I will work, but I will not get the data in my server.

I have no ideas what to do, tried everything.

1
javascriptc#jqueryajaxcors
could you just try using type object instead of dynamic ? - Developer
@Developer This is not fixing my problem, why this change is needed? - daniel the man
just wanna check whether this is model binding related issue while binding to json to dynamic object. Usually contentType: "application/json" (I never give charset though) should bind properly to object/class - Developer
@Developer This is not the current problem. (double checked it in my project and still same error) - daniel the man
oops I'm so sorry, dint read the question title. Seems like your issue is with CORS preflight. Ideally you don't need to configure CORS in two places - you can have it either in code or in config. Probably you will get more details from fiddler output. - Developer

1 Answers

2
votes

The solution was to add the following to the Global.asax file

protected void Application_BeginRequest()
{
    var context = HttpContext.Current;
    var response = context.Response;


    if (context.Request.HttpMethod == "OPTIONS")
    {
        response.AddHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
        response.AddHeader("Access-Control-Allow-Headers", "Content-Type, Accept");
        response.End();
    }
}