Access-Control-Request-Method

Description

The Access-Control-Request-Method header is automatically sent by the browser during preflight requests. It tells the server which HTTP method will be used for the actual request, allowing the server to approve or deny it.

Syntax & allowed values

  • Access-Control-Request-Method: <method>

Code examples

CLIENT

// When you make a request with a non-simple method:
fetch('https://api.example.com/data', {
  method: 'PUT',
  headers: {
    'Content-Type': 'application/json'
  }
});

// Browser automatically sends preflight with:
// Access-Control-Request-Method: PUT

Frequently asked questions

Do I need to set this header manually?

No, the browser automatically sends this header during preflight requests based on the method in your actual request.

When is this header sent?

During preflight requests when your request uses a non-simple method (anything other than GET, HEAD, or POST) or meets other CORS preflight conditions.

Tired of CORS errors?

Corsfix enables you to fetch any API without getting CORS issues, allowing you to focus on building your application.

Try Corsfix free