Ajax Request header field Key is not allowed by Access-Control-Allow-Headers

Question

Trying to build a DNN Service Framework WebAPI but I\'m having trouble consuming it with CORS. I have all of the appropriate headers (I think) but it still doesn\'t seem to be w

Answer 1

Please note the typo in Nyx's question and Darin's answer ('ow' missing). So it's

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Key

and it resolves the error message 'Request header field some-header-field is not allowed by Access-Control-Allow-Headers in preflight mode', if sent as an answer to the browser's OPTION request.