I want to use a function like this to allow access to the feeds from a variety of services but my knowledge of the security implications is limited. I think I’m being safe by limiting the access to feeds.
What are the dangers (if any) I’m creating if I do this?
add_action( 'pre_get_posts', 'add_header_origin' );
function add_header_origin() {
if (is_feed()){
header( 'Access-Control-Allow-Origin: *' );
}
}