Hope its not too late to post this.
I encountered the same problem.
Adding below function to functions.php solved my problem
add_action( 'init', 'handle_preflight' );
function handle_preflight() {
$origin = get_http_origin();
if ( $origin == 'https://localhost:8080' || $origin == 'https://yourapp.firebaseapp.com') {
// You can set more specific domains if you need
header("Access-Control-Allow-Origin: " . $origin);
header("Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE");
header("Access-Control-Allow-Credentials: true");
header( 'Access-Control-Allow-Headers: Authorization' );
if ( 'OPTIONS' == $_SERVER['REQUEST_METHOD'] ) {
status_header(200);
exit();
}
}
}
