CORS POST Requests not working - OPTIONS (Bad Request) - The origin is not allowed

Question

I\'m having a lot of trouble getting a cross domain POST request to hit an Api controller in the latest beta 2 release.

Chrome (and other browsers) spit out:

Answer 1

Ok I got past this. This has got to be the strangest issue I've ever encountered. Here's how to "solve" it:

1. Continue on with life as usual until suddenly out of no where OPTIONS requests to this domain begin returning 200 OK (instead of 400 Bad Request) and POST never happens (or at least seems like it doesn't because the browser swallows it)
2. Realize that Fiddler's OPTIONS response mysteriously contains duplicates for "Access-Control-Allow-XXX".
3. Try removing the following statement from you web.config even though you clearly remember trying that to fix the previous issue and it not working:

Remove this:

Because you already have this:

 var enableCorsAttribute = new EnableCorsAttribute("http://mydomain.com",
                                                   "Origin, Content-Type, Accept",
                                                   "GET, PUT, POST, DELETE, OPTIONS");
        config.EnableCors(enableCorsAttribute);

Moral: You only need one.