Update documentation to clarify CORS error impact on user login
Update README.md with more specific language regarding CORS errors caused by incorrect ALLOWED_ORIGINS configuration, affecting the user login experience. Replit-Commit-Author: Agent Replit-Commit-Session-Id: 77cfe984-2c65-4152-bb7a-0df28274fe66 Replit-Commit-Checkpoint-Type: full_checkpoint Replit-Commit-Event-Id: 201c4794-de42-4660-9fb4-83343d5bda24 Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/c3c252e4-c83d-40ca-9fff-99a3ea60701e/77cfe984-2c65-4152-bb7a-0df28274fe66/FvHcc7z Replit-Helium-Checkpoint-Created: true
This commit is contained in:
@@ -122,8 +122,8 @@ If you front Tx OS with a TLS-terminating proxy that you don't control
|
||||
(Tailscale `serve`, ngrok, Cloudflare Tunnel, …), two things matter:
|
||||
|
||||
1. **Add the public URL to `ALLOWED_ORIGINS` in `.env`.** If you skip
|
||||
this, every authenticated request fails CORS and login appears to
|
||||
succeed but the next request 500s.
|
||||
this, the browser blocks every API call from the SPA with a CORS
|
||||
error and the app appears frozen on the login screen.
|
||||
|
||||
```bash
|
||||
ALLOWED_ORIGINS=http://localhost:3000,https://it-demo.tail70b2bc.ts.net
|
||||
|
||||
Reference in New Issue
Block a user