Git Repo Viewer
git.user254.kr/gitiles/f701810bb0beddce11fee734e51132f81e7bd61a^!/./Documentation
commit
f701810bb0beddce11fee734e51132f81e7bd61a
[log] [tgz]
author
David Pursehouse <[email protected]>
Thu Aug 25 10:10:23 2016 +0900
committer
David Pursehouse <[email protected]>
Thu Aug 25 10:12:45 2016 +0900
tree
1b1f34efe43f1464e051d05b1e79a9e2d6d8caf1
parent
240fbff85d42455ee57aa4f8f0bc526c4cd33a1b [diff]
Add documentation of CORS configuration

Change-Id: I6c73e11314587cc663da3ea509b175f498e931ca

diff --git a/Documentation/config.md b/Documentation/config.md
index 2779dd7..9a99ced 100644
--- a/Documentation/config.md
+++ b/Documentation/config.md

@@ -5,6 +5,21 @@
 
 [TOC]
 
+## Core configuration
+
+### Cross-Origin Resource Sharing (CORS)
+
+Gitiles sets the `Access-Control-Allow-Origin` header to the
+HTTP origin of the client if the client's domain matches a regular
+expression defined in `allowOriginRegex`.
+
+```
+[gitiles]
+  allowOriginRegex = http://localhost
+```
+
+By default `allowOriginRegex` is unset, denying all cross-origin requests.
+
 ## Markdown
 
 ### Disabling markdown