I have set the “Allowed Web Origins” and “Allowed Origins (CORS)” to “http://localhost:2266” of my application. It worked for a long time. But it suddenly blocked me by CORS policy yesterday. I have no idea.
Access to XMLHttpRequest at ‘https://mydomain.auth0.com/oauth/token’ from origin ‘http://localhost:2266’ has been blocked by CORS policy: Request header field request-id is not allowed by Access-Control-Allow-Headers in preflight response.