Hacker News new | ask | show | jobs
by davidfiala 658 days ago
It depends on including things like headers and other non-approved changes to the request. Content-Type is one of them, but even it has some whitelisted options.

Read about 'simple' requests to see what you can and cannot do before a preflight is required: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#simpl...
1 comments
demarq 658 days ago
Probably you didn’t see my first reply.

Put simply if I make cross origin POST request that’s JSON type it cannot be a simple request.

There are no ways around this

link
davidfiala 658 days ago
Didn't see it :) you nailed it!
link