BOSS API only uses HTTP 1.1?

I’ve gotten the BOSS API to work using Postman, but trying to use javascript in a web browser has only gotten me CORS errors. My suspicion is that this is related to the HTTP protocol version. In the BOSS API manual, every example POST specifies HTTP 1.1, whereas javascript running in a browser uses whatever HTTP version the browser chooses as far as I can tell.

Can anyone confirm that the BOSS API works only on HTTP 1.1?

Otherwise, perhaps something is wrong with my code. Below is the Axios post that keeps giving me CORS errors, sensitive information excluded.

    "session_id": session_id,
    "imsi": imsi

The resulting error:

Access to XMLHttpRequest at '' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.