How can CORS be enabled in Envoy?

Enabling CORS (Cross-Origin Resource Sharing) in Envoy can be achieved by configuring specific HTTP headers. This approach allows you to define which origins are permitted to access resources on your server, which methods are allowed for these requests, and which headers can be exposed to the client.

The correct answer highlights the fundamental mechanism of CORS, which relies on HTTP headers such as Access-Control-Allow-Origin, Access-Control-Allow-Methods, and Access-Control-Allow-Headers. By setting these headers appropriately within the Envoy configuration, you can manage cross-origin requests effectively, ensuring security while providing access as needed.

While other options may involve aspects relevant to managing traffic, they do not directly pertain to the method of enabling CORS in Envoy. A global policy could influence broader settings within Envoy but would not specifically address the nuances of CORS. Denying all cross-origin requests contradicts the purpose of enabling CORS since it restricts access instead of allowing it. Modifying DNS settings does not relate to CORS, which is strictly about HTTP headers and methods.