Restrict CORS rules on the Python server

[milancurcic]

I didn't notice this before but Flask's CORS defaults, i.e.:

playground/backend/app.py

Line 13 in 8126026

cors = CORS(app)

allow requests from any origins.

We should restrict the origins to http://localhost (development) and https://play.fortran-lang.org (production).

@ashirrwad do you think you can tackle this? I'm not as familiar with Flask.

[ashirrwad]

Yes, of course. Allowing cors for all sources helped make development simpler. I'll add rules for specific origins.