My scenario is that the preflight OPTIONS request is occurring on a HTTP DELETE request.
In this scenario, only the Access-Control-Request-Method: DELETE header is specified, and not Access-Control-Allow-Headers. As a result, line 117 would set this header to null value.
This PR proposes to safeguard this logic to only set this header when required.
My scenario is that the preflight OPTIONS request is occurring on a HTTP DELETE request.
In this scenario, only the
Access-Control-Request-Method: DELETE
header is specified, and notAccess-Control-Allow-Headers
. As a result, line 117 would set this header to null value.This PR proposes to safeguard this logic to only set this header when required.