Closed
Description
I want to mock a missing endpoint for my project. I set it up so every request that is sent, has an Authorization header. But because of that same header, my browser said that it's having a CORS error.
Access to XMLHttpRequest at 'http://localhost:3000/tasks' from origin 'http://localhost:5173' has been blocked by CORS policy: Request header field authorization is not allowed by Access-Control-Allow-Headers in preflight response.
I looked it up and apparently that's because the default options for allowedHeaders in tinyhttp/cors only allows content-type.
Can we have that so the default allowedHeaders is set to * ? I haven't tested it but I can try and make the PR if you want.
Thank you!
Metadata
Metadata
Assignees
Labels
No labels