Open
Description
Describe the problem
Sometimes, due to reverse proxying and host limitations, it is not possible to match the ORIGIN of a browser-made Remote Function request to the URL that the SvelteKit app is running on, in which case form RF fails with 403 Forbidden.
Describe the proposed solution
As discussed on Discord with the maintainers, RFs should respect the csrf.trustedOrigins field. Hence, setting trustedOrigins: ['*'] should allow form RF to just work regardless of ORIGIN mismatches.
Alternatives considered
No response
Importance
i cannot use SvelteKit without it
Additional Information
No response