What is the purpose of Settings -> Security -> CORS origins vs. the similar environment setting?

In a multisite setup, like our hosting, each site can have its own allowed origins by using the “cors origins” setting. Setting DISCOURSE_CORS_ORIGIN in app.yml will be global to all sites, which probably isn’t what you want in multisite. If you only have one site in a container, then using DISCOURSE_CORS_ORIGIN and “cors origins” will be the same.
