I kept it inside my config folder if that helps! Just change the allowed origins or strict the headers, your call. It's some sort of security policy that browsers are strictly applying for the safety of the users and that's why you are not facing it when you tried your https://joshuar518xbd8.wikitidings.com/user
