Bug with Workers Editor and CORS Checks on PUT Requests

Hi! I would like to report a bug I discovered in the Cloudflare Workers management interface. Specifically, I encountered an issue where it is not possible to send PUT requests and debug the code using the real-time editor in the management interface.

Upon debugging using browser tools like the inspector, I found that the preview feature, which sends requests to the Workers, is connecting to a proxy. This proxy returns the access-control-allow-method header. However, there is a typo in the header name as it should be access-control-allow-methods (note the missing ‘s’ at the end). Due to this incorrect header name, the browser’s CORS check fails. The problem likely lies in the proxy intercepting OPTIONS preflight requests and returning an incorrect header name.

It’s worth noting that this issue only affects PUT requests, as GET and POST requests are considered CORS-safelisted methods and do not trigger the CORS check. Despite the incorrect header, the browser can still send the requests without any problems.

I hope this information helps in identifying and resolving the issue. If you need any further details or assistance, please let me know.