diff --git a/src/App/Module.php b/src/App/Module.php
index 7ad4261aa6..b2cc8210e3 100644
--- a/src/App/Module.php
+++ b/src/App/Module.php
@@ -265,6 +265,20 @@ class Module
 			$logger->debug('index.php: page not found.', ['request_uri' => $server['REQUEST_URI'], 'address' => $server['REMOTE_ADDR'], 'query' => $server['QUERY_STRING']]);
 		}
 
+		// @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/OPTIONS
+		// @todo Check allowed methods per requested path
+		if ($server['REQUEST_METHOD'] === Router::OPTIONS) {
+			header('HTTP/1.1 204 No Content');
+			header('Allow: ' . implode(',', Router::ALLOWED_METHODS));
+			// Deactivated until we know about possible side effects
+			// header('Access-Control-Allow-Credentials: true');
+			// header('Access-Control-Allow-Headers: Authorization,Content-Type');
+			// header('Access-Control-Allow-Methods: ' . implode(',', Router::ALLOWED_METHODS));
+			// header('Access-Control-Allow-Origin: ' . DI::baseUrl());
+			// header('Access-Control-Max-Age: 86400');
+			exit();
+		}
+
 		$placeholder = '';
 
 		$profiler->set(microtime(true), 'ready');
diff --git a/src/App/Router.php b/src/App/Router.php
index c18c048eaa..82c493baa6 100644
--- a/src/App/Router.php
+++ b/src/App/Router.php
@@ -44,11 +44,12 @@ use Friendica\Network\HTTPException;
  */
 class Router
 {
-	const DELETE = 'DELETE';
-	const GET    = 'GET';
-	const PATCH  = 'PATCH';
-	const POST   = 'POST';
-	const PUT    = 'PUT';
+	const DELETE  = 'DELETE';
+	const GET     = 'GET';
+	const PATCH   = 'PATCH';
+	const POST    = 'POST';
+	const PUT     = 'PUT';
+	const OPTIONS = 'OPTIONS';
 
 	const ALLOWED_METHODS = [
 		self::DELETE,
@@ -56,6 +57,7 @@ class Router
 		self::PATCH,
 		self::POST,
 		self::PUT,
+		self::OPTIONS
 	];
 
 	/** @var RouteCollector */