This page describes a number of configuration options to increase the security of your CXO-Cockpit application. Basic knowledge of .NET configuration files is required to apply these options.
...
It is possible to allow any origin by specifying "*" string it he "Allowed origins" field. This setting is strongly discouraged since it is insecure configuration.
- "Cross-Origin Resource Sharing (CORS): Allow Credentials" setting should be always false by default.
...