CORSConfig doesn't work with Origin[]

[lomithrani]

Setting up cors with multiple origin doesn't work it returns multiple Access-Control-Allow-Origin when it should only return caller

Access to fetch at 'http://localhost:3000/experiences' from origin 'http://127.0.0.1:5173' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values 'http://127.0.0.1:5173, http://localhost:4000', but only one is allowed. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

@elysiajs/cors@^0.7.0": 
  version "0.7.0"
  resolved "https://registry.npmjs.org/@elysiajs/cors/-/cors-0.7.0.tgz"
  integrity sha512-BOR7FyIdE5WE+LzFBSOY/yTnl8+56UiIaSanQr61gL1UGbqsNRqR+L1XOV7GPMsxiWBY+m/1nnXYlIvAZ1NmWg==
  
elysia@^0.7.12: 
  version "0.7.12"
  resolved "https://registry.npmjs.org/elysia/-/elysia-0.7.12.tgz"
  integrity sha512-2dHTLgrkWdgt81zJvJD6nMWDXp77NcU/L80nIl8VjzQVtkvPQ26/dbEze+XMQ8stKcI4cv5f+S02JV3rV67DmA==
  dependencies: 
    "@sinclair/typebox" "^0.31.15"
    cookie "^0.5.0"
    cookie-signature "^1.2.1"
    eventemitter3 "^5.0.1"
    fast-querystring "^1.1.2"
    memoirist "0.1.4"
    openapi-types "^12.1.3"

[lomithrani]

It does work to do something like this :

origin: (request: Request): boolean => {
      const origin = request.headers.get('origin');
      if (!origin) {
        return false;
      }
      const allowedOrigins = JSON.parse(Bun.env.ALLOWED_DOMAINS || '[]') as string[];
      return allowedOrigins.includes(origin);
    }

But we would expect origin: JSON.parse(Bun.env.ALLOWED_DOMAINS || '[]') as string[] to work the same way

[abielzulio]

@lomithrani Hi! Have you figured out the solution?

[L-Mario564]

@SaltyAom This is still an issue.