Should forgery-protection-origin-check be enabled while and Rack::Cors is enabled?

Was wondering about forgery_protection_origin_check and how it relates to setting up Rack::Cors middleware which rails ships with.

Seems like you can define origins within the Rack::Cors middleware, so I’m wondering if maybe those origins should be respected when performing forgery_protection_origin_check.

Or is the solution just to disable this additional check when using Rack::Cors?