HTTP headers | Access-Control-Allow-Methods

The Access-Control-Allow-Methods header is a  Cross-Origin Resource Sharing(CORS) response-type header. It is used to indicate which HTTP methods are permitted while accessing the resources in response to the cross-origin requests. 


Access-Control-Allow-Methods: <method>, <method>, ...


Access-Control-Allow-Methods: *

Directives:  This header accepts two directive as mentioned above and described below:

  • <method>: This directive consists of a list of HTTP request methods separated by a comma.
  • *: This directive is a wildcard value to indicate all the requests lacking credentials like HTTP cookies or HTTP authentication information. 


Access-Control-Allow-Methods: POST, GET, OPTIONS 
Access-Control-Allow-Methods: *

Supported Browsers:  The browsers  are compatible with HTTP Access-Control-Allow-Methods header are listed below: 

  • Google Chrome 
  • Edge 
  • Opera 
  • Firefox 
My Personal Notes arrow_drop_up

Check out this Author's contributed articles.

If you like GeeksforGeeks and would like to contribute, you can also write an article using or mail your article to See your article appearing on the GeeksforGeeks main page and help other Geeks.

Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.

Article Tags :

Be the First to upvote.

Please write to us at to report any issue with the above content.