Hello
I have a problem building the project. find-sec-bugs picks up a Cross
Origin Resource Sharing CORS violation. The violation reads "Overly
permissive CORS policy.
I located the file and the violation is due to the line
response.setHeader("Access-Control-Allow-Origin",
"*"); found in the class
org.apache.fineract.infrastructure.security.filter.TenantAwareTenantIdentifierFilter
* needs to be replaced with a particular domain. I'll be glad if anyone
could help me with that domain.
Also I tried replacing * with a random domain and upon building I didn't
get any violations and the build was 78% successful. I need help figuring
out how to interpret the result and how to fix the failed test.
Thanks
