When making api calls to https://run.glot.io or any other url that the api is hosted Options HTTP request are not allowed.
Since anyone with a token can make POST requests to the api (i.e Postman, Insomnia ,curl or any other http client) then should web apps be allowed to be able to send OfPTIONS requests (since these are pre flight request) that are followed by a POST request?
When making api calls to https://run.glot.io or any other url that the api is hosted Options HTTP request are not allowed.
Since anyone with a token can make POST requests to the api (i.e Postman, Insomnia ,curl or any other http client) then should web apps be allowed to be able to send OfPTIONS requests (since these are pre flight request) that are followed by a POST request?
Is this the intended behavior regarding the api?