Can someone tell me if this is by design please : My CORS policy
CORS-Response-v0
{request.header.origin}
{into.cors-handling.operations}
origin, x-requested-with, accept, content-type,
authorization, x-api-key *
3628800 false
true
true
request.he...