Description of flags related to your node's web security
Accepts a comma-separated lists of origin domains that will be allowed as the Access-Control-Allow-Origin HTTP header. Defaults to * if not set which allows all origin domains.
If set, runs our secure header middleware in development mode, which disables some of the options. The default is true to make it easy to run a node locally. See https://github.com/unrolled/secure for more info.
This is the domain that our secure middleware will accept requests from. We also set the HTTP Access-Control-Allow-Origin