in-fin-neat / in-fin-neat-core

Personal Finances tool

Adding configuration for CORS domain in API response #51

Closed diegotsutsumi closed 1 day ago

diegotsutsumi commented 2 weeks ago

We're allowing all domains as our CORS policy; that's not a safe strategy and browsers would complain about that.

This PR adds a simple single origin answer for CORS policy. A multi-origin logic would need an extra auth layer checking domains (more here https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin).
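The single-origin answer and the multi-origin domain check described in this comment, as an added example that is not part of the PR or the project's own code. The choice of Python, the origins and the function names are assumptions made for illustration.

```python
from typing import Dict, FrozenSet, Optional

# Constructed values for illustration; not taken from the project.
SINGLE_ORIGIN = "https://app.example.com"
ALLOWED_ORIGINS = frozenset({
    "https://app.example.com",
    "https://admin.example.com",
})


def single_origin_headers(configured_origin: str = SINGLE_ORIGIN) -> Dict[str, str]:
    """Single-origin policy: always answer with the one configured origin.

    The value never depends on the request, so no Vary header is needed.
    """
    return {"Access-Control-Allow-Origin": configured_origin}


def multi_origin_headers(
    request_origin: Optional[str],
    allowed: FrozenSet[str] = ALLOWED_ORIGINS,
) -> Dict[str, str]:
    """Multi-origin policy: echo the Origin only on an exact allowlist match."""
    # The response now varies with the Origin request header, so shared
    # caches must key on it or one origin's answer is served to another.
    headers = {"Vary": "Origin"}
    # Exact string comparison only: no prefix, suffix or substring matching.
    # A missing Origin or the literal "null" is not in the allowlist, so it
    # gets no Access-Control-Allow-Origin header and the browser blocks the read.
    if request_origin is not None and request_origin in allowed:
        headers["Access-Control-Allow-Origin"] = request_origin
    return headers


if __name__ == "__main__":
    # Constructed request origins, including a lookalike of an allowed host.
    for origin in ("https://admin.example.com",
                   "https://app.example.com.lookalike.test",
                   "null",
                   None):
        print(repr(origin), "->", multi_origin_headers(origin))
```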

diegotsutsumi commented 1 day ago

Closing as there were conflicts with https://github.com/in-fin-neat/in-fin-neat-core/pull/50 and we addressed it there.