Minimal cross domain ajax example that forces preflight OPTIONS

Question

So, I am trying to combine cross domain services and basic authentication in a server built with Express. For a specific route I am using on the client side the following ajax call:

$.ajax({
    type: "PUT",
    accepts: "application/json",
    url: aURL,
    data: JSON.stringify(toPut),
    contentType: "application/json; charset=UTF-8",
    dataType: "json",
    success: function(data, textStatus, jqXHR) {
        alert("Received success: '" + JSON.stringify(data) + "'");
    },
    error: function (data, textStatus, errorThrown) {
        alert("Received error: '" + JSON.stringify(data) + "'\n Status: '" + textStatus + "'\n error thrown = '" + errorThrown + "'");
    },
    crossDomain: true,
    xhrFields: {
        withCredentials: true
    },
    username: myData.username,
    password: myData.password
}).done(function() {;}).fail(function() {
    alert( "error while putting something" );
}).always(function() {;});

However, in the console for the server I do not really see an OPTIONS request coming in. What can be wrong?

Answer 1

If you don't see the OPTIONS request, either the request is not being sent, or it is being intercepted before it hits your server, or it is not a cross-origin request. Any cross-origin PUT request will result in a preflight (OPTIONS), as will a DELETE, or any other method other than POST, GET, or HEAD. A POST/GET/HEAD will also result in a preflight if it includes non-simple headers, such as a POST with a Content-Type of "application/json".

Note that tracking upload progress on cross-domain XHR2 requests will also result in a preflight.