Hello, is it possible to specify the CORS settings for the Data API?
Currently, I’ve got an external app (served from a different domain) that is able to list and create my bubble.is resources, but is not able to delete them due to: “Method DELETE is not allowed by Access-Control-Allow-Methods in preflight response.”.
Some more info:
- These requests are being sent with no authentication.
- The “Delete via API” permission is enabled in the default permissions for this resource - this seems to be independent.
- I’m testing all of this in the “Development” version. Not sure if it makes a difference.
Alternatively, is there another way to make this work?
Thank you,