I have a web app created by someone else which is hosting APIs, now it's getting flagged by our security team as it exposes the OPTIONS http method and I have no control to disable it.
So am thinking of putting something in front of the web app which can block request for OPTIONS but allow the rest.
I tried ngnix stream but it's not helping, also proxypass just redirects to original api.