Firefox忽略CORS方法

Question

我正在實施一個CORS支持的Web服務。一切工作正常，除非我發出刪除請求。火狐發送以下預檢：

OPTIONS /node-configuration?sessionId=cee013ce-53e6-11e6-8929-7efd7b6db237&address=127.0.0.1&port=8043 HTTP/1.1 
Host: 127.0.0.1:8032 
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:47.0) Gecko/20100101 Firefox/47.0 
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 
Accept-Language: en-US,en;q=0.5 
Accept-Encoding: gzip, deflate, br 
Access-Control-Request-Method: DELETE 
Origin: XXX 
Connection: keep-alive 

而且服務器響應：

HTTP/1.1 200 OK 
Content-Length: 0 
Strict-Transport-Security: max-age=31536000; includeSubDomains 
Access-Control-Allow-Origin: XXX 
Access-Control-Allow-Method: POST, GET, DELETE, OPTIONS 

正如你所看到的，刪除是在訪問控制允許法頭。但是，當我發送請求：

DELETE /node-configuration?sessionId=cee013ce-53e6-11e6-8929-7efd7b6db237&address=127.0.0.1&port=8043 
Accept: application/json, text/plain, */* 
Accept-Encoding: gzip, deflate, br 
Accept-Language: en-US,en;q=0.5 
Connection: keep-alive 
Host: 127.0.0.1:8032 
Origin: XXX 
Referer: XXX 
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:47.0) Gecko/20100101 Firefox/47.0 

火狐阻止它：在CORS沒有找到方法「訪問控制允許的方法」

我缺少的東西？

Answer 1

頭部被稱爲Access-Control-Allow-Methods，你錯過了s在響應頭部的末尾。