Found the problem! Thanks so much for helping us identify it. In short, one of our proxies is removing CORS headers (e.g. Access-Control-Allow-Origin
) in the HTTP response for the browser’s OPTIONS request (aka “preflight”, which are used for POST requests).
I haven’t found a good workaround yet, but we’ll follow up in the bug you filed (thank you!). Hopefully this is something we can resolve shortly.
EDIT: I updated the bug title and added repro steps, will now follow up with our infra teams on this.