Symfony Ajax same origin policy

Question

I am trying to send an AJAX request from the domain: 127.0.0.1:8000 to localhost:8000. This call is ending in an

Status Code: 405 Method Not Allowed

I have add an listener, which is sending the right headers for the origin problem:

<?php

namespace AppBundle\Listener;

use Symfony\Component\HttpKernel\Event\FilterResponseEvent;

/**
 * Class CorsListener is handling on Kernel response header actions
 * @package AppBundle\Listener
 */
class CorsListener {
    public function onKernelResponse(FilterResponseEvent $event) {
        $request = $event->getRequest();

        // allow this only for the tracking URL
        /*if(strpos($request->getHost(), 'api.') === false) {
            return;
        }*/
        $event->getResponse()->headers->set('Access-Control-Allow-Headers', 'origin, content-type, accept');
        $event->getResponse()->headers->set('Access-Control-Allow-Origin', '*');
        $event->getResponse()->headers->set('Access-Control-Allow-Methods', 'POST, GET, PUT, DELETE OPTIONS');
    }
}

But even the headers, you can see in the image below, it is not possible to become the request.

Some help?

Answer 1

I had to allow the OPTIONS method in my Symfony Controller:

* @Method({"GET", "POST", "OPTIONS"})

Answer 2

You seem to be missing a comma

$event->getResponse()->headers->set('Access-Control-Allow-Methods', 'POST, GET, PUT, DELETE OPTIONS');

Should be

$event->getResponse()->headers->set('Access-Control-Allow-Methods', 'POST, GET, PUT, DELETE, OPTIONS');

DELETE and OPTIONS are two separate methods.