Closed flrgh closed 1 year ago
Turns out that Content-Type is allowed by default for CORS purposes, but only for the following mime types:
Explicitly allowing it via Access-Control-Allow-Headers opens it up to any mime type.
See also:
Turns out that Content-Type is allowed by default for CORS purposes, but only for the following mime types:
Explicitly allowing it via Access-Control-Allow-Headers opens it up to any mime type.
See also: