Cross-Origin Resource Sharing Allowed
Cross-Origin Resource Sharing (CORS) is a mechanism that uses additional HTTP headers to tell browsers to give a web application running at one origin, access to selected resources from a different origin. A web application executes a cross-origin HTTP request when it requests a resource that has a different origin (domain, protocol, or port) from its own. Mozilla Cross-origin resource sharing should not be allowed unless specifically needed to minimize disclosure of sensitive information to foreign origins.
Consider removing the
Access-Control-Allow-Origin header or use specific origins as value.