The Cross-Origin Resource Sharing (CORS) headers configured by Kaleido by default are very permissive, allowing requests from any application. As part of your overall web application security posture you might wish to restrict the CORS policy of your nodes.
Example restricted CORS configuration
The full schema for the
corssection is described in the