Instinctive

Get started with Instinctive

Sign in with a Google administrator account to get started

Get started with Instinctive

Sign in with a Google administrator account to get started

Upgrade to Instinctive District for this feature

Audit & fix Chrome settings to keep users safe & devices secure

Compare and sync settings across OUs or historical exports. Import settings to copy from one OU to another.

Unlimited search history

Batch actions (max. 250 items at a time)

Custom CSV exports for record-keeping

Hand Raise extension
<- Chrome Settings Library

AccessControlAllowMethodsInCORSPreflightSpecConformant

Make Access-Control-Allow-Methods matching in CORS preflight spec conformant
Last updated October 8, 2024
Edit in Google Admin Console

This policy controls whether request methods are uppercased when matching with Access-Control-Allow-Methods response headers in CORS preflight. If the policy is Disabled, request methods are uppercased. This is the behavior on or before Google Chrome 108. If the policy is Enabled or not set, request methods are not uppercased, unless matching case-insensitively with DELETE, GET, HEAD, OPTIONS, POST, or PUT. This would reject fetch(url, {method: 'Foo'}) + "Access-Control-Allow-Methods: FOO" response header, and would accept fetch(url, {method: 'Foo'}) + "Access-Control-Allow-Methods: Foo" response header. Note: request methods "post" and "put" are not affected, while "patch" is affected. This policy is intended to be temporary and will be removed in the future.

Supported On:
Platform Start End
Android 109
Chrome (Windows, Mac, Linux) 109
ChromeOS 109
Example value:

true

Features: