Upload file avoiding HTTP OPTIONS
I have an OpenuI5 webapp with a backand developed with Delphi Datasnap technology. I use Upload Collection component to manage a list of fields https://openui5.hana.ondemand.com/explored.html#/entity/sap.m.UploadCollection/properties The component, when I want upload the file, send an Http OPTIONS call to retrieve a list of http methods callable from server. The problem is that the Datasnap server does non handle http options and returns 501 error code http://docwiki.embarcadero.com/RADStudio/Seattle/en/DataSnap_REST
I'm trying to realize one of these solution:
- Send http POST by the component without send the http OPTIONS before
- Manage the http POST call by server Datasnap
- Send my docs with Base64 encoding using a POST but inhibiting the auto send OPTIONS call by the component
What is the solution?
There may be a bit confusion about what is actually happening here. UI5 is not explicitly behind the OPTIONS call that you're seeing, but your browser is. The browser is instructed to GET the $metadata from your server to introspect the OData service and see which entities and functions it supports. It seems that your OData server is not the same server as your web application, so the browser decides to run a pre-flight, to check if it is okay to execute this GET request.
The browser is executing this pre-flight as an OPTIONS request, and the server is then supposed to return a bunch of headers that indicate that the service call is allowed. Once the browser has receive the OK-sign from the server the actual GET call that UI5 asked the browser to make is being made.
The issue that you're running into has to do with CORS and is very common for web-apps that have their service running on a different server than the application. The most common solution is to proxy the service on the server that's running the web-app, so that it seem as if the service is running from the same server. In that case, the browser doesn't run this pre-flight CORS check.
Alternatively, you will have to support CORS calls being made, which means that you will have to support the OPTIONS method and have to return so-called CORS headers (Access-Control-Allow-Origin etc) from the server that's running the OData service.