Security implications of multihost with `-e "aliasgroup1=https://(.*)/"`

In the installation manual is a section about using multiple hosts to access the CODE server.

Is there any problem with putting all hosts into a single aliasgroup, like that one WOPI host could access the opened files on another host?

CODE server acts as WOPI client and the server which invokes the CODE is the WOPI server. Connecting multiple WOPI servers to a single CODE instance results in a situation CODE (WOPI client) has access to subset files stored on multiple servers. but there is no way one WOPI server can access files stored on another WOPI server…

Maybe this drawing clarifies which component how can access the files: