question:
Why does cross-domain have something to do with the HTTP request method options, because when you obtain resources across domains, browsing will first use OPTIONS to make a request for security reasons, to see if it can return normally, because using OPTIONS returns a 204 status code , no matter whether the page is returned normally or not, it will not be redirected or refreshed
Configure cross-domain
Add the following code in server and location, as long as it is an OPTIONS request, subsequent requests are allowed and the status code is returned normally
if ( $request_method = ‘OPTIONS’ ) {
add_header Access-Control-Allow-Origin $http_origin;
add_header Access-Control-Allow-Headers Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Data-Type,X-Requested-With;
add_header Access-Control-Allow-Methods GET,POST,OPTIONS,HEAD,PUT;
add_header Access-Control-Allow-Credentials true;
add_header Access-Control-Allow-Headers X-Data-Type,X-Auth-Token;
} 
http OPTIONS explained
1. Obtain the HTTP request method supported by the server; it is also a method often used by hackers. The supported request method is related to the version of the http protocol and the configuration of the web server.
2. It is used to check the performance of the server. For example: AJAX preflight when making a cross-domain request needs to send an HTTP OPTIONS request header to the resource of another domain name to determine whether the actually sent request is safe.
3. HTTP returns a normal status code of 206