CouchDB: JavaScript Fetch API Fails To Connects Due To CORS on localhost

After more testing, the CORS issue surfaces only when I add the 'credentials': 'include' header. ...?

Using Chrome browser I navigate to 127.0.0.1:5984 and get response from couchdb server.

When I call the same address using Chrome's JavaScript it fails for both http://127.0.0.1:5984 as well as http://localhost:5984.

Access to fetch at 'http://localhost:5984/' from origin 'http://localhost:8080' has been blocked by CORS policy: 
Response to preflight request doesn't pass access control check: It does not have HTTP ok status.

The local.ini file on the couchdb box has:

[chttpd]
enable_cors = true
[cors]
origins = *
credentials = true
methods = GET, POST, PUT, DELETE, OPTIONS, HEAD, TRACE, PATCH
headers = accept, authorization, content-type, origin, referer, cache-control, x-requested-with, X-Couch-Id, X-Couch-Rev

My fetch options currently have:

{
  "headers": {
    "Content-Type": "application/json",
    "method": "GET",
    "credentials": "include",
    "mode": "cors"
  }
}

If you're making a CORS request which includes credentials, you cannot use origins = *. According to the MDN Docs:

> Note: When responding to a credentialed requests request, the server must specify an origin in the value of the Access-Control-Allow-Origin header, instead of specifying the "*" wildcard.

So you need http://localhost:5984 and any other relevant host in your local.ini. This issue isn't CouchDB specific, you need to explicitly specify the origins for any API to which you make a CORS request from the browser.