diff --git a/internal/api/api.go b/internal/api/api.go
index 82830806..945d42da 100644
--- a/internal/api/api.go
+++ b/internal/api/api.go
@@ -211,7 +211,7 @@ func middlewareCORS(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		w.Header().Set("Access-Control-Allow-Origin", "*")
 		w.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS")
-		w.Header().Set("Access-Control-Allow-Headers", "Authorization")
+		w.Header().Set("Access-Control-Allow-Headers", "Authorization, Content-Type")
 		next.ServeHTTP(w, r)
 	})
 }
diff --git a/internal/webrtc/server.go b/internal/webrtc/server.go
index 2b3af264..c3eb1387 100644
--- a/internal/webrtc/server.go
+++ b/internal/webrtc/server.go
@@ -49,6 +49,9 @@ func syncHandler(w http.ResponseWriter, r *http.Request) {
 			http.Error(w, "", http.StatusBadRequest)
 		}
 
+	case "OPTIONS":
+		w.WriteHeader(http.StatusNoContent)
+
 	default:
 		http.Error(w, "", http.StatusMethodNotAllowed)
 	}