Fix KEYCLOAK-8832 (#5735)

Avoid NullPointerException when browser sends "Origin" header and
allowedOrigin is null. This happens on chrome with admin console

services/src/main/java/org/keycloak/services/resources/Cors.java

@@ -143,7 +143,7 @@ public class Cors {
 
         if (!preflight && (allowedOrigins == null || (!allowedOrigins.contains(origin) && !allowedOrigins.contains(ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD)))) {
             if (logger.isDebugEnabled()) {
-                logger.debugv("Invalid CORS request: origin {0} not in allowed origins {1}", origin, Arrays.toString(allowedOrigins.toArray()));
+                logger.debugv("Invalid CORS request: origin {0} not in allowed origins {1}", origin, allowedOrigins);
             }
             return builder.build();
         }