No matter how many times I do this on my local machine I always forget how to enable CORS for "*", just for testing something quick on my machine. This means that there's a proper way to do this and there's a "I don't care how I do it, just stop my requests from returning CORS Error".
The snippet below is for the latter, so it's just for development, but in the next few days I'll try to cover how to do this in production as well.
Basically, we do 3 things to enable CORS:
- Create a policy with an arbitrary name
- Configure that policy with the origins we want to allow (in my case, I use "*")
- Enable CORS using for that policy