|
|
|
|
|
|
by evanspa
1873 days ago
|
|
|
> Note that CORS preflight requests are not made for GET HEAD POST requests with default headers. I really wish the author included an explanation for this. What are "default headers"? What special header(s) needs to be on the request in order for a preflight request to be made? |
|
|
https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
For your specific question, this is the relevant section of the above link
----
Apart from the headers automatically set by the user agent (for example, Connection, User-Agent, or the other headers defined in the Fetch spec as a “forbidden header name”), the only headers which are allowed to be manually set are those which the Fetch spec defines as a “CORS-safelisted request-header”, which are:
Accept
Accept-Language
Content-Language
Content-Type (but note the additional requirements below)