You can safely store secrets inside GraphQL Editor Cloud. To do so, navigate to microservices (CTRL+K, C, M) then Settings (CTRL+K, S) edit secrets and Save button.
CORS
You can add Allowed Origins inside CORS menu inside Settings menu same as for secrets
After editing is done please click the big save configuration button.