I’m new to building Middleware and using CorsBuilder. I am needing to allow all origins for certain routes in my API. I have built a middleware to be applied on those routes. I’ve stepped through this with xdebug and the Middleware is executing but I don’t see any headers being added 
Running CakePHP 4.4
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
{
$response = $handler->handle($request);
if (
!$request instanceof ServerRequest ||
!$response instanceof Response ||
!$this->isCorsRequired($request)
) {
return $response;
}
$response = $response->cors($request)
->allowOrigin(['*'])
->allowMethods(['GET'])
->allowHeaders(['Authorization'])
->maxAge(300)
->build();
return $response;
}
routes.php
$routes->scope('/api', function (RouteBuilder $builder) {
$builder->applyMiddleware('cors');
Application.php
$routes->registerMiddleware('cors', new CorsMiddleware([
'skip' => [
[
'controller' => 'Swagger'
],
[
'controller' => 'Auth',
'action' => 'auth',
],
]
]));