By default, Sharaf sets no permitted origins.
This means you can only use the API/website from the same domain.
If you want to configure it to be available for other domains,
use the withCorsSettings method and set desired config:
import ba.sake.sharaf.handlers.cors.CorsSettings
import ba.sake.sharaf.*, routing.*
val corsSettings = CorsSettings.default.withAllowedOrigins(Set("https://example.com"))
SharafHandler(routes).withCorsSettings(corsSettings)...