Slightly different but works for all of our current ‘ALLOWED_REQUST_ORIGINS’.
I saw someone posted this as a similar CORS fix. Is this what I need?