The information I have is that we have the following enabled:

The suggestion to resolve this to resolve this is as follows:

Disable HTTP OPTIONS method on your web server. Refer to your web server's instruction manual on how to do this.

Is it feasible to do this without stopping the CA7 web client from working?

Release : 12.1

Component :

First, check if HTTPS  is enabled on the server. If not you'll need to do so first before you disable HTTP. 
If HTTPS is already enabled and you running on Linux or Windows. You can disable HTTP in the server.xml in the tomcat/conf directory. 

you'll need to look for the following line similar to below:

<Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />

to disable HTTP it should look like this:

<!-- 
    <Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
 -->

=========================================

If running on USS please check the following:
/install/apache-tomcat-x.x.xx/conf/server.xml file and see if you have a line starting with

<Connector SSLEnabled="true" URIEncoding="UTF-8" acceptCount="100"...  (and of course make sure it is not commented out)

If you do then you most probably installed the Web Client enabling SSL. If not you will need to re-install and:
 

   1.  Select Option 2 - Configure Tomcat
   2.  Select Option 2 - Enable SSL

You will get a default self-signed certificate and be able to use SSL . You will be able to disable HTTP using the instructions provided above (they too apply to the z/OS install).
Ultimately you will need to get your own keystore or use the instructions in the Implement SSL Using SAF Keyrings section of the Web Client 12.1 documentation.