Cors problem with go buf connect gRPC server configuration

Question

I am trying to configure a go buf connect server in go. That serves gRPC endpoints to a Vue3 Typescript frontend. The browser complains about cors on the preflight request send.

The vite dev server runs on http://localhost:3000

Here is my server:

package wavserver

import (
    "context"
    "fmt"
    "net/http"

    "github.com/jmoiron/sqlx"
    "github.com/pienaahj/recordingdepo/backend/gen/wavapi/v1/wavapiv1connect"
    li "github.com/pienaahj/recordingdepo/backend/logwrapper"
    "github.com/rs/cors"
    "golang.org/x/net/http2"
    "golang.org/x/net/http2/h2c"
)

type wavapiServer struct {
    Repo *sqlx.DB
}

// RunServer is the main gprs server
func RunServer(ctx context.Context, repo *sqlx.DB) error {
    fmt.Println("message from runserver, repo received: ", repo)
    CallFrom := "Call from GRPC main"
    var port string = ":50051"
    var success int = 204

    recorder := &wavapiServer{
        Repo: repo,
    }
    // create a new mux
    mux := http.NewServeMux()
    // setup the recordings service handler
    path, handler := wavapiv1connect.NewRecordingsServiceHandler(recorder)
    fmt.Println("Path of Handler: ", path)
    c := cors.New(cors.Options{
        AllowedHeaders: []string{
            "Content-Type",
            "Connect-Protocol-Version",
            "Connect-Timeout-Ms",
            "Grpc-Timeout",
            "X-Grpc-Web",
            "X-User-Agent",
        },
        AllowedOrigins:       []string{"http://localhost:3000"},
        AllowCredentials:     true,
        AllowedMethods:       []string{"POST", "GET"},
        Debug:                true, // disable for production
        OptionsPassthrough:   true,
        OptionsSuccessStatus: success,
    })
    // Insert the middleware
    handler = c.Handler(handler)
    // Setup the gRPC mux with new cors options
    mux.Handle(path, handler)

    // make a http2 server 
    err := http.ListenAndServe(
        port,
        // Use h2c so we can serve HTTP/2 without TLS.
        h2c.NewHandler(mux, &http2.Server{}),
    )
    if err != nil {
        li.Logger.ErrGRPCListenerMessage(CallFrom, err)
        fmt.Printf("Failed to listen and serve on gPRC server: %v\n", err)
        return err
    }
    return nil
}

I have read myself into a coma and exhausted my possibilities. I am quite stuck now. The integration of the cors go package with buf connect's documentation is either above my level of understanding or the examples to trivial to guide me or most likely, I'm just out of my depth!

I'm testing the server with the suggested curl command:

curl -D - -H 'Origin: http://localhost:3000/' http://localhost:50051 and have also tried

curl -X OPTIONS -i -H 'Origin: http://localhost:3000' http://localhost:50051

the results are the same:

HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Content-Type: text/plain; charset=utf-8
Vary: Origin
X-Content-Type-Options: nosniff
Date: Fri, 01 Dec 2023 08:18:36 GMT
Content-Length: 19
404 page not found

Where have I missed the boat?