Method DELETE is not allowed by Access-Control-Allow-Methods


#1

I have setup a role that should allow all methods on all services. Everything works fine, except for the DELETE method. Is this a bug or a setting that I have missed?

The DSP is hosted on Heroku with the one-click setup that you have created.

Edit: Headers

Remote Address:myIp
Request URL:http://myUrl/rest/db/contacts/51
Request Method:OPTIONS
Status Code:204 No Content
Request Headersview source
Accept:*/*
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-GB,en-US;q=0.8,en;q=0.6
Access-Control-Request-Headers:x-dreamfactory-session-token, accept, x-dreamfactory-application-name
Access-Control-Request-Method:DELETE
Cache-Control:no-cache
Connection:keep-alive
Host:myUrl
Origin:http://localhost
Pragma:no-cache
Referer:http://localhost
User-Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.71 Safari/537.36
Response Headersview source
Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:Content-Type,X-Requested-With,X-DreamFactory-Application-Name,X-Application-Name,X-DreamFactory-Session-Token,X-HTTP-Method,X-HTTP-Method-Override,X-METHOD-OVERRIDE
Access-Control-Allow-Methods:OPTIONS
Access-Control-Allow-Origin:*
Access-Control-Max-Age:900
Cache-Control:no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection:keep-alive
Content-Length:0
Content-Type:text/plain;charset=UTF-8
Date:Tue, 16 Dec 2014 12:51:32 GMT
Expires:Thu, 19 Nov 1981 08:52:00 GMT
Pragma:no-cache
Server:Apache/2.4.10 (Unix)
Set-Cookie:PHPSESSID=bth3nnj3n0s0u2cle8a9jlvkr7; path=/
Via:1.1 vegur
X-Dreamfactory-Origin-Whitelisted:0
X-Dreamfactory-Source:http://myUrl
X-Powered-By:PHP/5.6.3

#2

Edit2: I’ve now changed the CORS settings to allow it, but this is the third time that I’ve done so. Why does the CORS setting revert?


#3

Sorry about the issue on Heroku. See this post CORS settings keep on resetting. We’re working on a better solution for Heroku, but please try this workaround for now.