Does OpenStack Swift Object Storage support cross-origin PUT requests (CORS) through the temporary url system?

Scenario:

• generate temp url to non-existing object with method PUT in the signature
• temp url is given to web page form
• browser performs PUT request on the temp url with some data
• browser's CORS security kicks in automatically
• browser performs OPTIONS request on the tempurl
• server responds with 401 Unauthorized : Temp URL invalid

Is this supposed to work? Must we add OPTIONS to the [filter:tempurl] section of /etc/swift/proxy-server.conf?

# Note: Put tempurl before dlo, slo and your auth filter(s) in the pipeline
[filter:tempurl]
use = egg:swift#tempurl
# The methods allowed with Temp URLs.
methods = GET HEAD PUT POST DELETE

Must we add OPTIONS to the signature of the tempurl? What about the X-Container-Meta-Access-Control headers on the container?