I don't see the CORS Access Origin Headers in the response headers

You can set this all in the security global middleware.

or in CORS

1 Like