edit 2018-09-13: added some precisions about this pre-flight request and how to avoid it at the end of this reponse. OPTIONS requests are what we call pre-flight requests in Cross-origin resource sharing (CORS). They are necessary when you’re making requests across different origins in specific situations. This pre-flight request is made by some browsers as … Read more
One possible solution uses JavaScript on the client. The client algorithm: Generate a random unique token. Submit the download request, and include the token in a GET/POST field. Show the “waiting” indicator. Start a timer, and every second or so, look for a cookie named “fileDownloadToken” (or whatever you decide). If the cookie exists, and … Read more
The limit is dependent on both the server and the client used (and if applicable, also the proxy the server or the client is using). Most web servers have a limit of 8192 bytes (8 KB), which is usually configurable somewhere in the server configuration. As to the client side matter, the HTTP 1.1 specification even … Read more
https://httpbin.org/ It echoes the data used in your request for any of these types: https://httpbin.org/anything Returns most of the below. https://httpbin.org/ip Returns Origin IP. https://httpbin.org/user-agent Returns user-agent. https://httpbin.org/headers Returns header dict. https://httpbin.org/get Returns GET data. https://httpbin.org/post Returns POST data. https://httpbin.org/put Returns PUT data. https://httpbin.org/delete Returns DELETE data https://httpbin.org/gzip Returns gzip-encoded data. https://httpbin.org/status/:code Returns given HTTP … Read more
If your action is not idempotent, then you MUST use POST. If you don’t, you’re just asking for trouble down the line. GET, PUT and DELETE methods are required to be idempotent. Imagine what would happen in your application if the client was pre-fetching every possible GET request for your service – if this would … Read more
<?php // // A very simple PHP example that sends a HTTP POST to a remote site // $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,”http://www.example.com/tester.phtml”); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, “postvar1=value1&postvar2=value2&postvar3=value3”); // In real life you should use something like: // curl_setopt($ch, CURLOPT_POSTFIELDS, // http_build_query(array(‘postvar1’ => ‘value1’))); // Receive server response … curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $server_output = … Read more
If you set a cookie like this: Set-Cookie: name=value then the cookie will only apply to the request domain, and will only be sent for requests to the exact same domain, not any other subdomains. (See What is a host only cookie?) Two different domains (e.g. example.com and subdomain.example.com, or sub1.example.com and sub2.example.com) can only … Read more
No. The HTML 5 spec mentions: The method and formmethod content attributes are enumerated attributes with the following keywords and states: The keyword get, mapping to the state GET, indicating the HTTP GET method. The GET method should only request and retrieve data and should have no other effect. The keyword post, mapping to the … Read more
You are running into CORS issues. There are several ways to fix/workaround this. Turn off CORS. For example: how to turn off cors in chrome Use a plugin for your browser Use a proxy such as nginx. example of how to set up Go through the necessary setup for your server. This is more a … Read more
A great resource to pick the correct HTTP error code for your API: http://www.codetinkerer.com/2015/12/04/choosing-an-http-status-code.html An excerpt from the article: Where to start: 2XX/3XX: 4XX: 5XX: