After 3 months on the new apps, I can't believe I am going to have to move my application because I can't enable cross domain requests. So disapopinting, I really was excited about this platform. I thought I had finally found the holy grail.

I'm having the same problem here!

Is there any update on this? We're really keen to move a number of applications to the App Platform. Whilst this out of the box CORS protection has value, we manage CORS in our application so really need a way to more fully configure and/or disable the built in protection.

I'm having the same problem

Allowing us to just disable/bypass the DO CORs handlers on a per-app basis would be another option. At the moment, it's really unfortunate that we have no control over this.

I love the app platform, but need to be able to change the headers/methods...

This blocks me from using apps even though i really love the setup

I have the same problem, can't believe basic things like that don't exist in the app platform yet.

Is there any update? Auth headers are suuuuper common. I want to be able to use [and pay $$$ for] App Platform in a professional setting, but yo. I need headers support.

I think this is the only thing stopping me from migrating some staging environments from droplets to the app platform, which I'd love to do : ).

I'm having the same problem, unfortunently, it looks like they don't care.

Ah please is this going to be a thing? I can't migrate to the App Platform if my app is going to be rejected for not allowing an Authorization header, which is happening on staging right now