You’re reading the English version of this content since no translation exists yet for this locale. Help us translate this article!
Reason: invalid token ‘xyz’ in CORS header ‘Access-Control-Allow-Methods’
What went wrong?
Access-Control-Allow-Methods header is sent by the server to let the client know what HTTP request methods it supports for CORS requests. The header's value is a comma-delineated string of HTTP method names, such as
HEAD. If any of the specified values are not recognized by the client user agent, this error occurs.
This is a problem that most likely can only be fixed on the server side, by modifying the server's configuration to no longer send the invalid or unknown method name with the
Access-Control-Allow-Methods header. It may also be worth checking to ensure that the user agent or HTTP library you're using on the client is up-to-date.