CORS OPTIONS request not forwarded

Hey. I’m using CloudFlares free tier and I’m facing a problem where preflight requests made from my FrontEnd to my BackEnd are not being forwarded to my server, and are instead just being served by CF.

Domain in question: https://sustainable-home-web-test.peelindustries.co.uk

If you go and check the network tab, there is an OPTIONS request sent to my API before the real POST is made (Endpoint called on page load is /analytics). That request does not get to my server (Even if I disable the DNS proxy, or if I put the domain into development mode). The response headers are

access-control-allow-headers: content-type,x-session-id
access-control-allow-methods: GET,OPTIONS,PUT
access-control-max-age: 100
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70ce256a7b5571f3-LHR
content-length: 0
date: Tue, 17 May 2022 17:41:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=..."}],"group":"cf-nel","max_age":604800}
server: cloudflare

And the only reason that

access-control-allow-headers: content-type,x-session-id
access-control-allow-origin: https://sustainable-home-web-test.peelindustries.co.uk

Is in there is because i’ve added two re-write rules in CF to add those response headers to all OPTIONS requests.

I know it’ll be me doing it wrong somehow, but I can’t see how. Thank you in advanced.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.