At the moment it still is not supported. It appears that the workaround to overcome the CORS issue for the Azure AD app proxy is to develop a proxy for the Azure AD App proxy.
According to user voice, the product group is looking into enabling a feature that focuses on supporting CORS preflight requests between two applications. This works by allowing you to configure the response and have App Proxy handle it on behalf of the app.
A pre-requisite for this feature to work is that the user must be able to authenticate into the second application in order to avoid a CORS issue from the login flow into the second app.
To avoid this the user will have to make sure they have already accessed the 2nd application before the CORS request, and has valid credentials. This should work for wildcard apps and can also be achieved by adding a fake link / image to the 2nd application in the first application.
There is a feedback item that is still open for this here: https://feedback.azure.com/forums/169385-web-apps/suggestions/34619698-allow-regexp-in-apicors-enable-wildcard-cors-supp