Seems there was a breaking change to CORS, we caught it in our Stage environment.
We used to configure the origins field with (.)company.com to allow for a regex of subdomains on 0.14.x, in 1.0 this errors and isn’t supported. We ended up having to reconfigure the few proxies leveraging CORS plugin to * that needed wildcarding but that is not very restrictive. Is there an alternative to the original regex we were using that works?
I think this PR changed the behavior: