Disable preflight OPTION request when sending a cross domain request with custom HTTP header

Question

I've just found out that my browser was sending an extra "OPTION" request when trying to make a cross domain ajax call with a custom http header. I presume it is called "preflight request".

Is it possible to disable this functionality and just send the initial request ?

This is my javascript testing code :

$(document).ready(function() {
    $.ajax({
        url: "http://google.fr",
        crossDomain: true,
        headers: {
            "X-custom-parameter": true
        }
    });
});

Thanks for helping!

Answer 1

No, it is definitely not possible to bypass the CORS preflight request. The preflight request exists to allow cross-domain requests in a safe manner. In your example above, you are trying to access google.fr, but google.fr doesn't support CORS. There is no way around this for Google, since Google doesn't support cross-domain requests on its web page. In general, if you have ownership of the server, your options are to support CORS, support alternative cross-domain hacks like JSON-P, or use a server-side proxy.