How to resolve ‘preflight is invalid (redirect)’ or ‘redirect is not allowed for a preflight request’

Short answer: Make the request URL in your code isn’t missing a trailing slash.

A missing-trailing-slash problem is the most-common cause of the error cited in the question.

But that’s not the only cause — just the most common. Read on for more details.

When you see this error, it means your code is triggering your browser to send a CORS preflight OPTIONS request, and the server’s responding with a 3xx redirect. To avoid the error, your request needs to get a 2xx success response instead.

You may be able to adjust your code to avoid triggering browsers to send the OPTIONS request.

As far as what all’s going on in this case, it’s important to know browsers do a CORS preflight if:

  • the request method is anything other than GETHEAD, or POST
  • you’ve set custom request headers other than AcceptAccept-LanguageContent-LanguageContent-TypeDPRDownlinkSave-DataViewport-Width, or Width
  • the Content-Type request header has a value other than application/x-www-form-urlencodedmultipart/form-data, or text/plain

If you can’t change your code to avoid need for browsers to do a preflight, another option is:

  1. Examine the URL in the Location response header in the response to the OPTIONS request.
  2. Change your code to make the request to that other URL directly instead.

The difference between the URLs might be something as simple as a trailing slash in the path — for example, you may need to change the URL in your code to add a trailing slash — e.g., http://localhost/api/auth/login/ (notice the trailing slash) rather than http://localhost/api/auth/login (no trailing slash) — or you might instead need to remove a trailing slash.

You can use the Network pane in browser devtools to examine the response to the OPTIONS request and to find the redirect URL in the value of the Location response header.

Related Posts:

  1. No ‘Access-Control-Allow-Origin’ header is present on the requested resource—when trying to get data from a REST API
  2. Using prevNext Modx Addon
  3. :wq! command in vim
  4. how to set the background color of the status bar during the launching phase [duplicate]
  5. api-ms-win-crt-runtime-l1-1-0.dll is missing when opening Microsoft Office file [closed]
  6. When is K 1024 and when is it 1000?
  7. What is a MIME type?
  8. Logitech/LGHUB Lua – Loop with break
  9. are there dictionaries in javascript like python?
  10. How can I convert MP3 file to a Base64 encoded string? [closed]
  11. Understanding The Modulus Operator %
  12. Understanding the main method of python [duplicate]
  13. Dial pad to get phone number (with Android button images)
  14. TypeError: only integer scalar arrays can be converted to a scalar index with 1D numpy indices array
  15. How is the AND/OR operator represented as in Regular Expressions?
  16. TypeError: only integer scalar arrays can be converted to a scalar index with 1D numpy indices array
  17. Istio Ingress resulting in “no healthy upstream”
  18. Why is it not possible to fake an IP address?
  19. How to open a “-” dashed filename using terminal?
  20. Substring in excel
  21. What is a LAMP stack?
  22. What is a sanity test/check
  23. What is the difference between POST and PUT in HTTP?
  24. What is the difference between POST and PUT in HTTP?
  25. How to find Google’s IP address?
  26. What exactly is a VBO in OpenGL?
  27. What and where are the stack and heap?
  28. ping response “Request timed out.” vs “Destination Host unreachable”
  29. Authentication versus Authorization
  30. What is a reverse shell?
  31. How does npm start work? What all processes are happening in the background?
  32. What is an instance variable in Java?
  33. What is the := operator?
  34. What is tail recursion?
  35. Discord music bot not working
  36. What does “:=” mean in Pseudocode? [closed]
  37. Why am I getting error for apple-touch-icon-precomposed.png
  38. No results found on kibana -> discover
  39. What is Xpenology? Is it Linux related thing?
  40. Why do we need virtual functions in C++?
  41. Why does my JavaScript code receive a “No ‘Access-Control-Allow-Origin’ header is present on the requested resource” error, while Postman does not?
  42. What is a CSRF token? What is its importance and how does it work?
  43. How does Access-Control-Allow-Origin header work?
  44. Create blank image in Imagemagick
  45. Official definition of CSCI (Computer Software Configuration Item)
  46. How could I ping @here in Discord.py?
  47. Python Math – TypeError: ‘NoneType’ object is not subscriptable
  48. What does %>% mean in R [duplicate]
  49. Cross-Origin Read Blocking (CORB)
  50. super() in Java
  51. Visual List of iOS Fonts?
  52. What is useState() in React?
  53. TCP vs UDP – What is a TCP connection? [duplicate]
  54. How do I copy folder with files to another folder in Unix/Linux? [closed]
  55. ssh : Permission denied (publickey,gssapi-with-mic)
  56. Eclipse IDE for Java – Full Dark Theme
  57. Amazon Linux: apt-get: command not found
  58. Google Calendar API event insert always return 404 “not found” error
  59. ssh connect Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password)
  60. What’s the syntax for mod in java
  61. What does the Java assert keyword do, and when should it be used?
  62. How to get rid of the “No bootable medium found!” error in Virtual Box? [closed]
  63. How do I fix a “Expected Primary-expression before ‘)’ token” error?
  64. Using getline() with file input in C++
  65. STDERR? What is it? What are its common uses?
  66. Cross-Origin Read Blocking (CORB)
  67. UML Sequence diagram auto-numbering in Visual Paradigm
  68. Error in “MLSD” command While Connecting FTP to Server [closed]
  69. Java default constructor
  70. How do I make a delay in Java?
  71. Casting variables in Java
  72. Handling file renames in Git
  73. PermissionError: [Errno 13] in Python
  74. Why are there two ways to unstage a file in Git?
  75. ‘git’ is not recognized as an internal or external command
  76. did you specify the right host or port? error on Kubernetes
  77. Compiler Error “void value not ignored as it ought to be” in C programming [duplicate]
  78. How does Java’s PriorityQueue differ from a min-heap?
  79. What is archive mode in rsync?
  80. How to get Twitch watchtime (like streamelements)
  81. What is the difference between functional and non-functional requirements?
  82. how to use cookie-free domains (yslow)
  83. How to accept space in regex?
  84. Exception in thread “AWT-EventQueue-0” java.lang.NullPointerException Error
  85. Is a wildcard CNAME DNS record valid?
  86. What is a Memory Heap?
  87. 403 Forbidden vs 401 Unauthorized HTTP responses
  88. Turn off pager for psql’s interactive output
  89. Advanced AREL or just Rails Query for has_many through search by association
  90. File extension .DB – What kind of database is it exactly?
  91. Mealy v/s. Moore
  92. How to resolve “The requested URL was rejected. Please consult with your administrator.”
  93. What does “xmlns” in XML mean?
  94. Error 6 (net::ERR_FILE_NOT_FOUND): The files c or directory could not be found
  95. Why does my JavaScript code receive a “No ‘Access-Control-Allow-Origin’ header is present on the requested resource” error, while Postman does not?
  96. “If not” condition statement in python
  97. ‘git’ is not recognized as an internal or external command
  98. How do I get my C# program to sleep for 50 msec?
  99. What is an idiomatic way of representing enums in Go?
  100. C compiler for Windows?

Leave a Comment

Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)