I saw this model appear in several teams. They have a server with a REST API and a front-end Web project.
What happens often is that the front-end developer realizes that its requests are blocked by CORS and creates a REST API for the frontend that only sends the requests to the main server. This API finally intercepts some business logic and turns into its own server, managing half of the main responsibility regardless of the real main server.
How can this motive be avoided? It is unacceptable to allocate business logic between two API projects and have to run two APIs to use the front-end interface. Is there an appropriate way to create a "parameterize and forget" proxy of the CORS database for the interface, without creating a dump?