Hi everyone! 
I am facing very annoying and unfortunate CORS errors while trying to access the SeaTable API from a web app I built. I already tried loads of different approaches and scraped the whole forum, but either the issues were slightly different or the topic has been closed with any real resolution.
The following works as expected, when run in the terminal.
curl
-X POST
-H "Authorization: Token <TOKEN>"
-H "Content-type: application/json"
-d '{"sql": "<QUERY>","convert_keys": true}'
'https://cloud.seatable.io/dtable-db/api/v1/query/<BASE_ID>/'
.
But using the following options in a JS fetch unfortunately always resorts in a cors error:
let headers = new Headers();
headers.append("Authorization", `Token ${base.token}`);
headers.append("Content-Type", "application/json; ");
const options = {
method: "POST",
redirect: "follow",
headers: headers,
body: JSON.stringify({
sql: query,
convert_keys: true,
}),
};
fetch("https://cloud.seatable.io/dtable-db/api/v1/query/<BASE_ID>/", options)
.
From the official documentation, I understand that using the Authorization and Content-Type Headers, will trigger a preflight request (OPTIONS method) which is already getting rejected by the API. Disabling cors with mode: "no-cors" also will not work because of the mentioned headers.
Does anyone know how to resolve this without setting up a CORS Proxy? Or is there something on the roadmap on SeaTable side?
We really like SeaTable und would love to use it in production - unfortunately this would be an absolute deal-breaker 
