hardcoded default CORS to https, since drivers only support secure connections

2025-11-03 11:36:08 +00:00 · 2022-12-29 19:14:49 +01:00
parent 9a5cf9ff81
commit a8504f3017
2 changed files with 4 additions and 3 deletions
--- a/README.md
+++ b/README.md
@@ -287,12 +287,14 @@ After first success you have to replace `--issue` with `--renew`.
 | `DLS_PORT`          | `443`                                  | Used in client-token to tell guest driver where dls instance is reachable           |
 | `LEASE_EXPIRE_DAYS` | `90`                                   | Lease time in days                                                                  |
 | `DATABASE`          | `sqlite:///db.sqlite`                  | See [official SQLAlchemy docs](https://docs.sqlalchemy.org/en/14/core/engines.html) |
-| `CORS_ORIGINS`      | `https://{DLS_URL}`                    | Sets `Access-Control-Allow-Origin` header (comma separated string)                  |
+| `CORS_ORIGINS`      | `https://{DLS_URL}`                    | Sets `Access-Control-Allow-Origin` header (comma separated string) \*               |
 | `SITE_KEY_XID`      | `00000000-0000-0000-0000-000000000000` | Site identification uuid                                                            |
 | `INSTANCE_REF`      | `00000000-0000-0000-0000-000000000000` | Instance identification uuid                                                        |
 | `INSTANCE_KEY_RSA`  | `<app-dir>/cert/instance.private.pem`  | Site-wide private RSA key for singing JWTs                                          |
 | `INSTANCE_KEY_PUB`  | `<app-dir>/cert/instance.public.pem`   | Site-wide public key                                                                |

+\* Always use `https`, since guest-drivers only support secure connections!
+
 # Setup (Client)

 **The token file has to be copied! It's not enough to C&P file contents, because there can be special characters.**