404 error when calling REST api (Phalcon)

Question

I am receiving a 404 error when trying to call a DELETE or a PUT in Phalcon using ajax. I am able to do a GET.

My ajax:

$.ajax({
    url: 'http://localhost/person/blah/5',
    type: 'DELETE',
    success: function (data) {
        console.log(data);
    }
}); 

My PHP

$app->delete('/person/blah/{id:[0-9]+}', function($id) {
    $response = new Phalcon\Http\Response();
    $response->setJsonContent(array('status' => 'OK', 'data' => array('id' => $id)));
    return $response;  
}); 

Prior to this I was getting CORS issues with DELETE, PUT and GET. I changed my .htaccess file to allow access control and the GET started to work. However, I am now having 404 issues with DELETE and PUT.

This is my .htaccess file

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^(.*)$ index.php?_url=/$1 [QSA,L]
</IfModule>

<IfModule mod_headers.c>
    Header set Access-Control-Allow-Origin "*"
    Header set Access-Control-Allow-Methods "DELETE, PUT, GET"
    Header set Access-Control-Allow-Headers: "X-Requested-With, Content-Type"
</IfModule> 

My guess is that this issue is related to CORS. The javascript is running on my computer (not server). My javascript is in C:/Users/username/Desktop/test.html. I have tried in both Firefox and Chrome and have the same issue.

---

Some extra information

response header

Access-Control-Allow-Head...    X-Requested-With, Content-Type
Access-Control-Allow-Meth...    DELETE, PUT, GET
Connection  Keep-Alive
Content-Length  15
Content-Type    text/html
Date    Tue, 10 Feb 2015 00:25:17 GMT
Keep-Alive  timeout=5, max=100
Server  Apache/2.4.7 (Win32) OpenSSL/1.0.1e PHP/5.5.9
Status  404 Not Found
X-Powered-By    PHP/5.5.9
access-control-allow-orig...    *

request header

Accept  text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding     gzip, deflate
Accept-Language     en-US,en;q=0.5
Access-Control-Request-Me...    DELETE
Connection  keep-alive
DNT     1
Host    localhost
Origin  null
User-Agent  Mozilla/5.0 (Windows NT 6.1; WOW64; rv:35.0) Gecko/20100101     Firefox/35.0

response header from cache is same as response header

If it matters I have been able to successfully call my DELETE using curl.

$ curl -i -X DELETE http://localhost/person/blah/5
HTTP/1.1 200 OK
Date: Mon, 09 Feb 2015 23:18:40 GMT
Server: Apache/2.4.7 (Win32) OpenSSL/1.0.1e PHP/5.5.9
X-Powered-By: PHP/5.5.9
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: DELETE, PUT, GET
Content-Length: 33
Content-Type: text/html

{"status":"OK","data":{"id":"5"}} 

Answer 1

I didn't have everything I needed in my .htaccess file.

I followed this guide http://benjaminhorn.io/code/setting-cors-cross-origin-resource-sharing-on-apache-with-correct-response-headers-allowing-everything-through/

I needed this:

# Always set these headers.
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"

# Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request.
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]

Answer 2

Might want to follow the flow chart and see what you've missed: http://www.html5rocks.com/static/images/cors_server_flowchart.png

If you are taking advantage of cookies or need response headers exposed you will need to turn on

Access-Control-Expose-Headers

and

Access-Control-Allow-Credentials

Might want to try using them even if you aren't.