Set CORS preflight requests' mode to "cors"

CORS preflight requests' mode is now exposed via the Sec-Fetch-Mode header and it makes sense to set it to "cors", as it's part of the CORS protocol.

Tests: https://chromium-review.googlesource.com/c/chromium/src/+/1702311.

Fixes w3c/webappsec-fetch-metadata#35.

fetch.bs

@@ -4778,7 +4778,8 @@ run these steps:
   <a for=request>destination</a> is <var>request</var>'s <a for=request>destination</a>,
   <a for=request>origin</a> is <var>request</var>'s <a for=request>origin</a>,
   <a for=request>referrer</a> is <var>request</var>'s <a for=request>referrer</a>,
-  <a for=request>referrer policy</a> is <var>request</var>'s <a for=request>referrer policy</a>, and
+  <a for=request>referrer policy</a> is <var>request</var>'s <a for=request>referrer policy</a>,
+  <a for=request>mode</a> is "<code>cors</code>", and
   <a for=request>tainted origin flag</a> is <var>request</var>'s
   <a for=request>tainted origin flag</a>.