diff options
| author | Elizabeth Hunt <me@liz.coffee> | 2025-12-14 23:24:27 -0800 |
|---|---|---|
| committer | Elizabeth Hunt <me@liz.coffee> | 2025-12-15 00:06:20 -0800 |
| commit | 9c9f35734e795e3c2cea21384349b655d7ffa164 (patch) | |
| tree | 66351cc8a4d72f2eabb2a6ec6ee96ed7abbb253f /README.md | |
| parent | 15e37e367c7e30a8b172c5a379791fb3e0b820b8 (diff) | |
| download | posthook-9c9f35734e795e3c2cea21384349b655d7ffa164.tar.gz posthook-9c9f35734e795e3c2cea21384349b655d7ffa164.zip | |
Add cors flags
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -297,7 +297,6 @@ UUID: 123e4567-e89b-12d3-a456-426614174000 Requests are stored per-topic in a per-request directory: `data/{routeName}/{timestamp}_{uuid}/`: - `request.json` - full stored request (headers + parsed body + file metadata) -- `body.json` - parsed body only (convenience) - `files/` - uploaded files (multipart only) Example `request.json`: @@ -381,6 +380,7 @@ Then configure your reverse proxy: - `--host` - Server host (default: 0.0.0.0) - `--data-dir` - Data storage directory (default: ./data) - `--token-secret` - HMAC secret for token signing (optional, generates random if not provided) +- `--cors-origins` - Allowed CORS origins (default: `*`). Supports `*`, exact origins (`https://a.com`), and host patterns (`liz.coffee`, `*.liz.coffee`). When not `*`, only `https` origins are allowed. Responses only set `Access-Control-Allow-Origin` (preflight uses the standard allow-\* headers). ### Environment Variables: |