To check if an API endpoint allows CORS, please send a Http Request as OPTIONS with the following headers:
Access-Control-Request-Headers:authorization,content-type
Access-Control-Request-Method:POST
Origin:http://localhost
The response will look like this if CORS is allowed:
Access-Control-Allow-Headers:authorization,content-type
Access-Control-Allow-Methods:POST
Access-Control-Allow-Origin:*
For example this endpoint supports CORS:
Whereas this does not: