From f0b56274d75374169e5fd33a4adbc30884e4eec9 Mon Sep 17 00:00:00 2001
From: Pokey <79169880+Pokeylooted@users.noreply.github.com>
Date: Mon, 4 Mar 2024 18:15:33 -0600
Subject: [PATCH] Make CORS variable info more specific

---
 content/4.backend/1.deploy.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/content/4.backend/1.deploy.md b/content/4.backend/1.deploy.md
index 34155bc..0829e70 100644
--- a/content/4.backend/1.deploy.md
+++ b/content/4.backend/1.deploy.md
@@ -77,6 +77,9 @@ Your backend should be accessible on `(YourPrivateIP):80`. To share it outside y
 To enhance your SSL and domain configuration, it's advisable to establish a reverse proxy, such as Nginx. For an optimal choice in this regard, Cloudflare Zero Trust Tunnel is recommended. You can find more information [here](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel/).
 
 - If you decide to utilize a reverse proxy, it's important to include `MWB_SERVER__CORS: "example.com movie.example.com"` in your configuration.
+- If you use a reverse proxy behind a domain, add `MWB_SERVER__CORS: "https://movie.example.com"`.
+  - `MWB_SERVER__CORS` must contain a **space-separated** list of origins (Protocol + Hostname) for the client to be able to access the backend.
+
 - Depending on your specific setup, you may also require the addition of `MWB_SERVER__TRUST_PROXY: true` and `MWB_SERVER__TRUST_CLOUDFLARE: true`.
 
 ## Method 2 - Railway (Easy)