Access-Control-Max-Age not effective in preflight request caching when Authorization header is programatically defined · Issue #1278 · whatwg/fetch · GitHub
javascript - CORS Problems: header contains multiple values, but only one is allowed - Stack Overflow
Is "cache-control:public, max-age=0, must-revalidate" supposed to be the default? - Support - Netlify Support Forums
Cannot remove response headers (Access-Control-Allow-Origin) - Operation and Testing - Tyk API Management Community Forum
Enabling CORS not working in AEM Cloud - Adobe Experience League Community - 415233