Now check whether the origin is in allowed_origins table, and if not check allow_all_origins config parameter. While here: - add are_cors_preflight_requests_available - if true then preflight requests are available (default false)