diff --git a/core/main/router/router.rb b/core/main/router/router.rb
index 39ae98d13..c6ca5c6e5 100644
--- a/core/main/router/router.rb
+++ b/core/main/router/router.rb
@@ -94,10 +94,12 @@ module BeEF
 # @note If CORS are enabled, expose the appropriate headers
 # this apparently duplicate code is needed to reply to preflight OPTIONS requests, which need to respond with a 200
+ # and be able to handle requests with a JSON content-type
 if request.request_method == 'OPTIONS' && config.get("beef.http.restful_api.allow_cors")
 allowed_domains = config.get("beef.http.restful_api.cors_allowed_domains")
 headers "Access-Control-Allow-Origin" => allowed_domains,
- "Access-Control-Allow-Methods" => "POST, GET"
+ "Access-Control-Allow-Methods" => "POST, GET",
+ "Access-Control-Allow-Headers" => "Content-Type"
 halt 200
 end
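Review bot: The preflight branch sends the configured `cors_allowed_domains` value verbatim as `Access-Control-Allow-Origin` without comparing it to the request's `Origin`, and with the added `Access-Control-Allow-Headers` line that value becomes the only browser-side limit on which sites may send JSON-typed requests to the RESTful API. If the setting can hold a wildcard or more than one origin (its format is not visible here), the response is either broader than intended or not a valid single-origin header; consider matching `request.env['HTTP_ORIGIN']` against the configured entries, echoing only the matching origin, and adding `"Vary" => "Origin"`. A one-line comment above `headers` noting that CORS is not an access control and that the API endpoints still rely on their own authentication would help the next reader. The block enclosing this `if` starts and ends outside the hunk, and since the comment calls this code a duplicate, the other copy presumably needs the same header set.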