1. Proposed title of this feature request
Ensure Cross Origin Resource Sharing protection headers are present for the OpenShfit Web Console.

2. What is the nature and description of the request?
Currently, there is minimal protection for CORS in the OpenShift Web Console

CORS allows resources to be requested from another domain outside the domain from which the resource originated.

The absence of this has been known to be used with social-engineering/phishing to utilize existing session token on different website and cause users to issue malicious requests to the application without the users knowledge.

Impact
Exploitation of this vulnerability allows attackers to issue requests to the application on behalf of users and perform various tasks within the application.

3. Why does the customer need this? (List the business requirements here)
To increase the security of their platform

4. List any affected packages or components.
OpenShift Web Console.