https://auth0.com/blog/cors-tutorial-a-guide-to-cross-origin-resource-sharing/
https://fetch.spec.whatwg.org/#cors-safelisted-request-header
https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/OPTIONS
https://github.com/awsdocs/aws-lambda-developer-guide/blob/main/doc_source/API_Cors.md