Options to handle preflight requests with the Access-Control-Allow-Private-Network header

[killergerbah]

According to https://developer.chrome.com/blog/private-network-access-preflight/ Chrome will start requiring servers on private networks to explicitly grant access to public websites through a new header.

Chrome will start sending a CORS preflight request ahead of any private network request for a subresource, which asks for explicit permission from the target server. This preflight request will carry a new header, Access-Control-Request-Private-Network: true, and the response to it must carry a corresponding header, Access-Control-Allow-Private-Network: true.

This is supposed to be enforced on version 101, but I am finding that it is already being enforced in some cases for me and I am on version 98. For example, this is now partially breaking AnkiConnect integration for my software asbplayer. This also breaks the expected behavior of the requestPermission API.