MaxDataServiceVersion is not allowed by Access-Control-Allow-Headers.


When using against WCF/OData v3 I get "Request header field MaxDataServiceVersion is not allowed by Access-Control-Allow-Headers."


ATrigo wrote May 30, 2012 at 10:09 PM

Hi, could you please provide a short repro of the issue. A network trace of the request would be helpful also.

kurtomatic wrote Jul 3, 2012 at 7:58 PM

I have the same issue with WCF Data Service 5. I am using <customHeaders> tags in my hosting ASP web.config for XDR, and I was able to work around this issue by adding the indicated header to the Access-Control-Allow-Headers header:

  <add name="Access-Control-Allow-Origin" value="*" />
  <add name="Access-Control-Max-Age" value="3600" />
  <add name="Access-Control-Allow-Headers" value="Content-Type, Accept, MaxDataServiceVersion" />
  <add name="Access-Control-Allow-Methods" value="PUT, POST, GET, DELETE, MERGE, OPTIONS" />

wrote Feb 22, 2013 at 12:20 AM

nblackMSFT wrote Dec 12, 2013 at 6:46 PM

He is trying to do a CORS request. I saw this too. In CORS, you cannot add custom headers unless the server allows you to send them - but datajs always send them and has no way to not send this custom header - even with your own httpClient, which breaks all CORS scenarios unless you can change that server side code to allow those headers.

hemantsathe wrote Mar 19, 2015 at 12:23 PM

I tried allowing these options on server side in CORS. Unfortunately the OPTIONS query says that these headers are allowed but the GET query returns 404 error.