According to the documentation at https://www.serverless.com/framework/docs/providers/aws/events/apigateway/#enabling-cors I should be able to add multiple origins to the cors definition:
cors: origins: - http://example.com - http://example2.com
and then mentioned that a response template will be used to return the correct one in the Access-Control-Allow-Origin header. However, when I do this I simply get both values returned and the browser throws a fit.
Is the response template not automatically generated? Should I add it myself to serverless.yaml? Is there an example somewhere I can have a look at?