Returns a preflight response for a given Request.
Contains the Access-Control-Allow-* headers for a CORS preflight request according to this policy. This method is invoked internally by RequestControllers that have a RequestController.policy.
Source
Response preflightResponse(Request req) { var headers = { "Access-Control-Allow-Origin": req.innerRequest.headers.value("origin"), "Access-Control-Allow-Methods": allowedMethods.join(", "), "Access-Control-Allow-Headers": allowedRequestHeaders.join(", ") }; if (allowCredentials) { headers["Access-Control-Allow-Credentials"] = "true"; } if (cacheInSeconds != null) { headers["Access-Control-Max-Age"] = "$cacheInSeconds"; } return new Response.ok(null, headers: headers); }