добавил в конфиг
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PATCH, DELETE';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Platform,X-Type,X-User-Id,X-User-Token';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain; charset=utf-8';
add_header 'Content-Length' 0;
return 204;
}
if ($request_method = 'DELETE') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PATCH, DELETE';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Platform,X-Type,X-User-Id,X-User-Token';
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
}и при запросе DELETE, он проверяет запрос через OPTIONS
заголовки запроса
Host: ie.test.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:70.0) Gecko/20100101 Firefox/70.0
Accept: */*
Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: DELETE
Access-Control-Request-Headers: x-platform,x-type,x-user-id,x-user-token
Referer: https://test.com/profile/pay
Origin: https://test.com
Proxy-Authorization: Basic c2ltYToxODAy
Connection: keep-alive
заголовки ответа
HTTP/1.1 204 No Content
Server: nginx
Date: Fri, 06 Dec 2019 10:10:40 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, PATCH, DELETE, PUT
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Platform,X-Type,X-User-Id,X-User-Token
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0а для DELETE
заголовки запроса
Host: ie.test.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:70.0) Gecko/20100101 Firefox/70.0
Accept: application/json, text/plain, */*
Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate, br
X-Platform: web
X-Type: desktop
X-User-Id: 36764
X-User-Token: tSdtsFUCx6ivyrk_iGuS
Origin: https://test.com
Proxy-Authorization: Basic c2ltYToxODAy
Connection: keep-alive
Referer: https://test.com/profile/pay
Pragma: no-cache
Cache-Control: no-cacheзаголовки ответа
HTTP/1.1 400 Bad Request
Server: nginx
Date: Fri, 06 Dec 2019 12:21:10 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Set-Cookie: request_method=DELETE; path=/
X-Request-Id: 40edd65f-cee8-4431-9e28-477969bca5c4
X-Runtime: 0.010758хотя если проверяю на другом url
для OPTIONS
заголовки запроса
Host: ie.test.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:70.0) Gecko/20100101 Firefox/70.0
Accept: */*
Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: DELETE
Access-Control-Request-Headers: x-platform,x-type,x-user-id,x-user-token
Referer: https://test.com/profile/places/
Origin: https://test.com
Proxy-Authorization: Basic c2ltYToxODAy
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cacheзаголовки ответа
HTTP/1.1 204 No Content
Server: nginx
Date: Fri, 06 Dec 2019 12:43:34 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Platform,X-Type,X-User-Id,X-User-Token
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0для DELETE
заголовки запроса
Host: ie.test.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:70.0) Gecko/20100101 Firefox/70.0
Accept: application/json, text/plain, */*
Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate, br
X-Platform: web
X-Type: desktop
X-User-Id: 36764
X-User-Token: tSdtsFUCx6ivyrk_iGuS
Origin: https://test.com
Proxy-Authorization: Basic c2ltYToxODAy
Connection: keep-alive
Referer: https://test.com/profile/places/
Pragma: no-cache
Cache-Control: no-cacheзаголовки ответа
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 Dec 2019 12:43:34 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
ETag: W/"6731f2d8a8e7286397d1c340c0fbfd40"
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: request_method=DELETE; path=/
X-Request-Id: 62fb2377-bf38-41da-9e8b-980d44d60e16
X-Runtime: 0.046917
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Platform,X-Type,X-User-Id,X-User-Token
Access-Control-Expose-Headers: Content-Length,Content-Rangeчто не так настроено?
