Problem with the preflight CORS Request

I’m currently developing a Wallboard which needs to fetch data from the Marketplace Sales API via XHR using CORS. I have a problem with the preflight CORS Request. When I run the script I get a response with the status 405 „Method Not Allowed“ and the browser errors out with „XMLHttpRequest cannot load…Response for preflight has invalid HTTP status code 405 “.
Here are the response and request header:

Response Header:

HTTP/2.0 405 Method Not Allowed
Server: Jetty(8.y.z-SNAPSHOT)
x-varnish: 806397270
Vary: __ATL_USER,X-Atlassian-UPM-Auth,Origin
X-Cache: MISS
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000
Date: Fri, 14 Jul 2017 08:23:37 GMT
Access-Control-Allow-Origin: http://localhost
Via: 1.1 varnish-v4
Allow: GET, HEAD
Access-Control-Allow-Methods: HEAD, PUT, GET, POST, DELETE
Access-Control-Allow-Headers: authorization,content-type
Age: 0
Content-Length: 0
X-Firefox-Spdy: h2

Request Header:

OPTIONS /rest/2/vendors/95/reporting/sales/transactions?limit=10&_=1500020617101 HTTP/1.1
Host: marketplace.atlassian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: http://localhost
Connection: keep-alive

And here is my ajax function

function getData(){
return $.ajax ({
headers:{
‘Authorization’: 'Basic ',
‘Content-Type’: ‘application/json’
},
url: url,
type: ‘GET’,
dataType: ‘json’,
cache: false,
});
}
Thanks for help.

Hi Robin,

The transactions API doesn’t support CORS nor the OPTIONS method at this time. Please watch https://ecosystem.atlassian.net/browse/AMKT-19489 for updates on this issue.

Cheers,
Ben