Change some wordings in documentation

Co-authored-by: hroff-1902 <47309513+hroff-1902@users.noreply.github.com>
This commit is contained in:
Matthias 2020-06-27 15:26:55 +02:00 committed by GitHub
parent 5423d8588e
commit 185fab7b57
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -237,13 +237,13 @@ Since the access token has a short timeout (15 min) - the `token/refresh` reques
## CORS ## CORS
All web-based frontends are subject to [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) - Cross-Origin Resource Sharing. All web-based frontends are subject to [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) - Cross-Origin Resource Sharing.
Since most request to the Freqtrade API must be authenticated, a proper CORS policy is key to avoid security problems. Since most of the requests to the Freqtrade API must be authenticated, a proper CORS policy is key to avoid security problems.
Also, the Standard disallows `*` CORS policies for requests with credentials, so this setting must be done appropriately. Also, the standard disallows `*` CORS policies for requests with credentials, so this setting must be set appropriately.
Users can configure this themselfs via the `CORS_origins` configuration setting. Users can configure this themselves via the `CORS_origins` configuration setting.
It consists of a list of allowed sites that are allowed to consume resources from the bot's API. It consists of a list of allowed sites that are allowed to consume resources from the bot's API.
Assuming your Application would be deployed as `https://frequi.freqtrade.io/home/` - this would mean that the following configuration becomes necessary: Assuming your application is deployed as `https://frequi.freqtrade.io/home/` - this would mean that the following configuration becomes necessary:
```jsonc ```jsonc
{ {