Unleash / unleash-proxy

Unleash Proxy is used to safely integrate frontend applications with Unleash in a secure and scalable way.
https://docs.getunleash.io/sdks/unleash-proxy
Apache License 2.0

CORS_ORIGIN doesn't support a comma separated value contrary to what's stated in the docs #158

Closed (gamedevsam closed 11 months ago)

gamedevsam commented 11 months ago

Describe the bug

Providing a comma-separated list of URLs to the CORS_ORIGIN env var results in the following error on browser clients:

Access to fetch at '[REDACTED]' from origin '[REDACTED]' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header contains multiple values '[REDACTED],[REDACTED]', but only one is allowed. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

I expected this to work since the documentation states:

Origin URL or list of comma separated list of URLs to whitelist for CORS

Steps to reproduce the bug

  1. Create an Unleash proxy with CORS_ORIGIN containing two domains
  2. Access the proxy via a browser on either domain
  3. Notice the error

Expected behavior

I expected this to work since the documentation states:

Origin URL or list of comma separated list of URLs to whitelist for CORS

Logs, error output, etc.

Access to fetch at '[REDACTED]' from origin '[REDACTED]' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header contains multiple values '[REDACTED],[REDACTED]', but only one is allowed. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.


Screenshots

No response

Additional context

No response

Unleash version

2.5.0

Subscription type

Open source

Hosting type

Self-hosted

SDK information (language and version)

No response

gamedevsam commented 11 months ago

Never mind, turns out we were using a very old version of @unleash/proxy, my mistake.
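
The browser error quoted in this issue, as an added example that is not part of the thread and not unleash-proxy's own code: a server that copies a comma-separated allowlist straight into `Access-Control-Allow-Origin` sends an invalid header, while a correct handler echoes back only the one request origin that exactly matches an allowlist entry. The function names and the example origins are assumptions made up for this sketch.

```javascript
// Added example; parseAllowlist, naiveCorsHeaders and corsHeaders are
// hypothetical helper names, and all origins below are constructed samples.

// Split a CORS_ORIGIN-style value into individual origins, dropping blanks.
function parseAllowlist(value) {
  return (value || '')
    .split(',')
    .map((entry) => entry.trim())
    .filter((entry) => entry.length > 0);
}

// Behaviour that produces the reported error: the raw comma-separated string
// becomes the header value, which browsers reject as "multiple values".
function naiveCorsHeaders(envValue) {
  return { 'Access-Control-Allow-Origin': envValue };
}

// Correct behaviour: return a single origin, and only when the request's
// Origin header is an exact match for an allowlist entry (no prefix or
// substring matching). No match means no Access-Control-Allow-Origin at all.
function corsHeaders(envValue, requestOrigin) {
  const allowlist = parseAllowlist(envValue);
  // The response now depends on the Origin header, so caches must key on it.
  const headers = { Vary: 'Origin' };
  if (requestOrigin && allowlist.includes(requestOrigin)) {
    headers['Access-Control-Allow-Origin'] = requestOrigin;
  }
  return headers;
}

// Constructed sample configuration and request origins.
const SAMPLE_CORS_ORIGIN = 'https://app.example.com, https://admin.example.com';
for (const origin of ['https://admin.example.com', 'https://other.example.net']) {
  console.log(origin, '->', corsHeaders(SAMPLE_CORS_ORIGIN, origin));
}
```

Checking the response headers of a preflight request from each configured origin is a quick way to confirm which of the two behaviours a deployed proxy version has.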