Reputation: 13
OneDrive REST API - CORS POST request
I'm trying to create a folder using the OneDrive REST API following the official documentation (http://msdn.microsoft.com/en-us/library/dn659743.aspx#create_a_folder). I have implemented it as AJAX request in JavaScript, which results in a CORS request in the browser.
As expected, the browser sends a first OPTIONS request with the relevant headers:
Access-Control-Request-Headers:authorization, content-type
Access-Control-Request-Method:POST
The response headers, however, does not include authorization as allowed header:
Access-Control-Allow-Headers:Content-Type
Access-Control-Allow-Methods:GET, POST, DELETE, PUT, HEAD, MOVE, COPY
Access-Control-Allow-Origin:*
Access-Control-Max-Age:2592000
Consequently, the browser (Chromium 34 in this case) logs an error in the console and does not submit the POST request, since it is not allowed to add the Authorization header:
XMLHttpRequest cannot load https://apis.live.net/v5.0/me/skydrive. Request header field authorization is not allowed by Access-Control-Allow-Headers.
Is there any way to get around this issue? From my understanding this is a server issue, since the documentation explicitly asks for this header.
Upvotes: 1
Views: 691
Answers (1)
Reputation: 4192
You should still be able to provide the access_token as a query parameter like the "Delete a Folder" example (and don't provide it via the Authorization header).
Upvotes: 1
Related Questions
- Azure API Management > CORS and POST
- OneDrive REST API and Sharepoint Online
- OneDrive oAuth token request gets CORS error
- Onedrive cors download in javascript
- HTTP Post to Onedrive RestAPI
- CORs rule not found when putting data in azure storage
- ajax get request to Office365 REST Api fails CORS?
- OneDrive REST API
- Error in uploading file (from public url) to onedrive using REST API
- OneDrive API upload file as public