It's not clear from the question, but assuming this is something happening on a development or test client, and given that you are already using Fiddler you can have Fiddler respond with an allow response:
- Select the problem request in Fiddler
- Open the
AutoResponder
tab
- Click
Add Rule
and edit the rule to:
- Method:OPTIONS server url here, e.g.
Method:OPTIONS http://localhost
*CORSPreflightAllow
- Check
Unmatched requests passthrough
- Check
Enable Rules
A couple notes:
- Obviously this is only a solution for development/testing where it isn't possible/practical to modify the API service
- Check that any agreements you have with the third-party API provider allow you to do this
- As others have noted, this is part of how CORS works, and eventually the header will need to be set on the API server. If you control that server, you can set the headers yourself. In this case since it is a third party service, I can only assume they have some mechanism via which you are able to provide them with the URL of the originating site and they will update their service accordingly to respond with the correct headers.