Access-Control-Request-Method

The HTTP Access-Control-Request-Method request header is sent by the client to indicate which HTTP method will be used during the upcoming HTTP request.

Usage

The Access-Control-Request-Method request header is part of the CORS protocol to allow cross-origin sharing, and it is sent as part of a preflight request to indicate which HTTP method will be used during the actual HTTP request.

Note

This is a mandatory HTTP header during preflight because preflight requests are always made using HTTP OPTIONS method, which will not be the same as the subsequent HTTP request.

Example

In this example, the client sends a preflight request using HTTP OPTIONS method and indicates that it will be using the HTTP GET method in the actual HTTP request.

Request

[[OPTIONS]] /
Access-Control-Request-Method: GET

Takeaway

The Access-Control-Request-Method request header is sent by a client to inform the server concerning the HTTP request method that it will use in the upcoming HTTP request.

See also

Last updated: June 2, 2022