Querying the server for resource capabilities
This note provides supplementary information about the server's implementation of the standard HTTP OPTIONS method to query resource capabilities, and to implement cross-origin resource sharing exceptions.
OPTIONS request was used historically as a programmatic way to query the server about which methods a resource is able to handle. This is still one of its roles.
With the advent of the cross-origin resource sharing protocol, the
OPTIONS method has been pulled into the additional duty of providing a mechanism for browsers to determine if any exceptions to the same-origin policy have been granted by the server.
The server's request/response cycle for
OPTIONS requests is fulfilled using this sequence of handlers:
|1||Server Name Indication||no||no|
OPTIONS requests always return status code
For reference purposes, refer to IETF RFC 7231 Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content section 4.3.7 for the basic protocol expected of HTTP
Refer to the W3C publication Cross-Origin Resource Sharing, dated January 16, 2014, for how the CORS protocol works.