Reqwest adds access-control headers which forces preflight

Open LukasBombach opened this issue 9 years ago • 1 comments

I am trying to use reqwest with YouTube's oEmbed API. As compared to a plain XMLHttpRequest, reqwest adds 2 headers:

access-control-request-headers:accept, content-type, x-requested-with
access-control-request-method:GET

which triggers a preflight request. Unfortunately YouTube blocks that request because the method used for the preflight request is OPTIONS and returns a 405. Because this request fails, no actual (GET) request is being invoked and I cannot query YouTube's API.

I am not quite sure where these headers come from and if they can be disabled.

Jun 02 '16 08:06 LukasBombach

@LukasBombach Have you set crossOrigin: true in the options?

Nov 03 '16 13:11 Lukewh