From c4fb36b8c8ee23fc75d56f229253bca316020ee3 Mon Sep 17 00:00:00 2001 From: Jason Carver Date: Thu, 2 Jul 2015 18:06:58 -0700 Subject: [PATCH] daemon help docs for CORS Convey the basic idea, plus an example. Don't encourage using `*`. This would have saved me some code spelunking. --- cmd/ipfs/daemon.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/cmd/ipfs/daemon.go b/cmd/ipfs/daemon.go index 90eed934e..dd244407a 100644 --- a/cmd/ipfs/daemon.go +++ b/cmd/ipfs/daemon.go @@ -68,7 +68,13 @@ in the network, use 0.0.0.0 as the ip address: Be careful if you expose the API. It is a security risk, as anyone could control your node remotely. If you need to control the node remotely, make sure to protect -the port as you would other services or database (firewall, authenticated proxy, etc).`, +the port as you would other services or database (firewall, authenticated proxy, etc). + +In order to explicitly allow Cross-Origin requests, export the root url as +environment variable API_ORIGIN. For example, to allow a local server at port 8888, +run this then restart the daemon: + + export API_ORIGIN="http://localhost:8888/`, }, Options: []cmds.Option{