How can I allow CORS for localhost or another site? 

from origin 'http://localhost:4060' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.

@http.route(
    '/hospital', 
    type='http', auth='user', methods=['GET', 'OPTIONS'], csrf=False, cors='*')