Pre-flighted JavaScript requests

PUT request including credentials

Summary

A cross-origin PUT request can be configured to include credentials.

Add credentials: 'include' to the JavaScript fetch call, to send or receive cookies.

fetch(requestURL, {
    credentials: 'include',
    ...
})

The response to both the pre-flight and main request must include the Access-Control-Allow-Credentials header with a value of true.

Instructions

1. Hit green button below
2. Verify “You are authorized!” response returned successfully
3. Optionally check network requests in Developer Tools (F12)