Spring Security Logout URL does not support "OPTIONS" request

Summary

When making an "OPTIONS" request to the logout URL (default /logout) the response is a 404 Not Found. Based on the following test, it should return a 200 OK. https://github.com/spring-projects/spring-security/blob/af3c6d49728fc3b2270a07ce09827fb1e4890c6d/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/LogoutConfigurerTests.groovy#L106 However, the above test is configured using a MockFilterChain rather than the real FilterChain. This may not be an issue, because this functionality has not been requested and the test above does not accurately reflect current fuctionality. We should either deem the test invalid or implement this feature.

Actual Behavior

• Make an"OPTIONS" request to the /logout URL
• The response is a 404 Not Found

Expected Behavior

Potentially: - Make an"OPTIONS" request to the /logout URL - The response is a 200 OK

Configuration

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .csrf().disable()
            .logout();
    }
}