Issue with CORS and form submission when allowedGraphqlOrigins is false

[BorisWRLB]

When setting allowedGraphqlOrigins to false form submissions crash.

Steps to reproduce

1. Create a form (set up like any other form)
2. Set allowedGraphqlOrigins to false in general.php
3. Submit a form that has CSRF

Expected behavior
Form gets submitted

Craft & Plugin Info (please complete the following information):

• Craft Version: 4.7.3
• Freeform Version: 4.1.13
• Freeform Edition: Pro
• Fresh Install or Upgrade: fresh or upgrade wouldn't make a difference here.

Additional context
I am fairly sure I know where the issue resides, in SubmitController:96 the line $origins = $generalConfig-allowedGraphqlOrigins is set.
Then later it is passed in the corsFilter through $event->getHeaders()

Yii2 framework later does an in_array() check, but the value is still false here.
Resulting in in_array(): Argument #2 ($haystack) must be of type array, bool given on vendor/yiisoft/yii2/filters/Cors.php::prepareHeaders

I'd submit a PR but I currently am short on time to properly test this, I suggest checking the cases where the config is set to false, and possibly also null.

[kjmartens]

Sorry for the trouble @BorisWRLB. We'll check into it shortly. 🙂

[kjmartens]

This should be resolved in Freeform 4.1.18+ and Freeform 5.1.19+. 🙂