From 7ed23b1eb8b91f395039c52aeaa0aea31f29dbd9 Mon Sep 17 00:00:00 2001 From: Juliusz Chroboczek Date: Tue, 12 Nov 2024 14:12:16 +0100 Subject: [PATCH] Tone down description of publicServer. --- README | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README b/README index 07d7430..887d138 100644 --- a/README +++ b/README @@ -110,8 +110,8 @@ The fields are as follows: files; by default, group files are treated as read-only; - `publicServer`: if true, then cross-origin access to the server is - allowed. This is safe if the server is on the public Internet, but not - necessarily so if it is on a private network. + allowed. This makes the server vulnerable to cross-origin scripting + attacks, but is necessary in some cases. - `proxyURL`: if running behind a reverse proxy, this specifies the root URL that will be visible outside the proxy.