Cors Origin * does not work

[gsingh-ds]

Issue workflow progress

Progress of the issue based on the
Contributor Workflow

• 1. The issue provides a reproduction available on
  Github,
  Stackblitz
  or
  CodeSandbox

Make sure to fork this template and run yarn generate in the terminal.

Please make sure Mesh package versions under package.json matches yours.

• 2. A failing test has been provided
• 3. A local solution has been provided
• 4. A pull request is pending review

---

Describe the bug

While setting the cors origin to "*" it still return the allowed origin as the host domain.

To Reproduce Steps to reproduce the behavior:

1. You can see the cors options are set under serve in .meshrc.yml
2. When you make a request in graphqlmesh you can see the response headers.
   Sandbox: Link

[ardatan]

Because * is not a valid value for that header. So it returns the domain you sent if "*" is set to make the preflight request passed.
There is no bug. It is the expected behavior

[gsingh-ds]

How can I allow all origins? @ardatan

[ardatan]

"*" already does that. If you send a request from a different origin, it will send that origin in the header. This is done for security purposes.

[gsingh-ds]

With "*" I am getting Cors error, not sure what's going wrong. When I try to make request even from localhost, no allowed-origin header is present in response headers, @ardatan
Note: Started happening after the update.