CORS preflight request

A CORS preflight request is a security measure web browsers use when a web page tries to access resources from a different domain. Before doing the actual data request (like sending a form or fetching data), the browser sends a "preflight" request — an OPTIONS request — to the server to check if the cross-origin request is permitted. The server then responds with allowed methods and headers. If approved, the browser proceeds with the main request. This process helps protect users by ensuring only authorized cross-origin communications occur.