add allow-headers content-type

nginx/cors.conf

@@ -1,6 +1,7 @@
 if ($request_method = 'OPTIONS') {
   add_header 'Access-Control-Allow-Origin' '*';
   add_header 'Access-Control-Allow-Methods' 'GET, POST, DELETE';
+  add_header 'Access-Control-Allow-Headers', 'Content-Type'
   # cache CORS for 24 hours
   add_header 'Access-Control-Max-Age' 86400;
   # return empty response for preflight

src/middleware/cors.ts

@@ -3,5 +3,6 @@ import { NextFunction, Request, Response } from "express";
 export function corsMiddleware(req: Request, res: Response, next: NextFunction): void {
     res.header("Access-Control-Allow-Origin", "*");
     res.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS, DELETE");
+    res.header("Access-Control-Allow-Headers", "Content-Type");
     next();
 }