I am building an Angular 2 app that needs to send a CORS (Cross-origin resource sharing) POST request with Basic Authentication (https://en.wikipedia.org/wiki/Basic_access_authentication) to the server.
I am nicely setting the Authorization header for the POST request itself but as it is CORS, the browser first automatically sends the preflight OPTIONS request. Unfortunately the server is misconfigured (Why does the preflight OPTIONS request of an authenticated CORS request work in Chrome but not Firefox?) and requires the Basic Auth also in the preflight. It is a 3rd party server, I can't change it.
Is there a way to overcome it (e.g. add the Authorizion header to preflights, disable preflights, ...)?