Request header field X-CSRF-TOKEN is not allowed by Access-Control-Allow-Headers in preflight response

[oranges13]

I'm unable to use noembed on my website due to the error:

Request header field X-CSRF-TOKEN is not allowed by Access-Control-Allow-Headers in preflight response

I've updated my server's CORS settings to include "X-CSRF-Token" but it doesn't appear to be making a difference. Please advise.

[hardikrawal23]

Any solution on this? I have a similar issue.