At the moment, CORS is enabled.:
|
const app = await NestFactory.create(AppModule, { cors: true }); |
Currently, this is no problem as the backend only serves data that is publically available. But as soon as we introduce protected routes, it should be disabled.