Lib stopped working suddenly, with a Request header field content-type is not allowed by Access-Control-Allow-Headers in preflight response.

[jonit-dev]

Hey folks,

I have been using this for a long time (years), and out of nowhere I started having the following issue in production only:

 Request header field content-type is not allowed by Access-Control-Allow-Headers in preflight response.

My temporary solution was adding a custom CORS middleware with the following config.

   res.setHeader("Access-Control-Allow-Origin", "*");
     res.setHeader(
       "Access-Control-Allow-Methods",
       "POST,GET,OPTIONS,PUT,DELETE"
     );
     res.setHeader(
       "Access-Control-Allow-Headers",
       "Content-Type,Accept,Authorization"
     );

     next();

I hope they investigate the issue, since this lib is awesome and saved me ton of hours of CORS related headache

PS:

I was using it like I always did, with a:

app.use(cors()); 

I've tried to edit allowedHeaders with the options that I used above, also also tried

app.options("*", cors());

But nothing seemed to make any difference at all.