docs: add CORS configuration section to README

Agent-Logs-Url: https://github.com/SamueleLorefice/MilkyShots/sessions/45efe1a3-cd3d-4e90-b6ea-10de28631f2a

Co-authored-by: SamueleLorefice <6562494+SamueleLorefice@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2026-04-23 02:42:11 +00:00
committed by GitHub
parent 12a1e7624d
commit b57314a44a

View File

@@ -5,3 +5,39 @@
_A place where to look for images_
**TODO: fill more information here**
## Configuration
### CORS allowed origins
The API uses a CORS policy to control which browser origins may call it.
Allowed origins are configured via the `CorsAllowedOrigins` key.
**`appsettings.json` (default / development)**
```json
{
"CorsAllowedOrigins": [ "http://localhost:5269", "http://localhost:8080" ]
}
```
**Environment variable (Docker / production)**
Set the `CorsAllowedOrigins` environment variable to a **semicolon-separated** list of
origins. This value **replaces** the entire array from `appsettings.json`, so you must
list every origin you want to allow:
```
CorsAllowedOrigins=http://myserver:8080
# or multiple origins:
CorsAllowedOrigins=http://myserver:8080;https://myserver.example.com
```
To allow any origin (useful when the server IP is unknown at deploy time):
```
CorsAllowedOrigins=*
```
This is already set up in `docker-compose.yml` — override it with your server's
hostname/IP if you are not running on localhost.