I would love to be able to use wildcards in CORS with a little more specificity. In particular, for review apps on Heroku, you will have a url that is auto-generated for each pull request, so something like http://my-app-dev-pr-523.herokuapp.com. I would like to be able to add http://my-app-dev-pr.herokuapp.com to the CORS list but it currently flags that is an improper URL so I have to do the much more broad (less secure) http://.herokuapp.com1 vote
We don’t currently plans to update anything related to CORS support, but we’ll research this and post an update in the next few months to indicate a final decision.
- Don't see your idea?