Right now, we allow all origins in our CORS filter. For security reasons, we should restrict that. Based on discussion with the infrastructure team, we want to restrict it to environment specfic urls.
This will need to be a config setting, controlled by an environment variable defined in CloudFormation
Right now, we allow all origins in our CORS filter. For security reasons, we should restrict that. Based on discussion with the infrastructure team, we want to restrict it to environment specfic urls.
This will need to be a config setting, controlled by an environment variable defined in CloudFormation