docs(HTTP): Add proper docs for CORS attributebackport/50070/stable30

Signed-off-by: provokateurin <kate@provokateurin.de>
author: provokateurin <kate@provokateurin.de> 2025-01-07 15:41:19 +0100
committer: backportbot[bot] <backportbot[bot]@users.noreply.github.com> 2025-01-09 11:07:09 +0000
commit: 9f9576073468cd8804a290592a5d7215cc6b3de5 (patch)
tree: 4d59adc583086d8edffbc3361350af30dc6052c9 /lib
parent: 01f89cb2c7f99fc1280c54e4364c7c5c7d61c9bc (diff)
download: nextcloud-server-backport/50070/stable30.tar.gz
nextcloud-server-backport/50070/stable30.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/public/AppFramework/Http/Attribute/CORS.php b/lib/public/AppFramework/Http/Attribute/CORS.php
index 2c3eac362cf..ff639635635 100644
--- a/lib/public/AppFramework/Http/Attribute/CORS.php
+++ b/lib/public/AppFramework/Http/Attribute/CORS.php
@@ -12,7 +12,9 @@ namespace OCP\AppFramework\Http\Attribute;
 use Attribute;
 
 /**
- * Attribute for controller methods that can also be accessed by not logged-in user
+ * Attribute for controller methods that can also be accessed by other websites.
+ * See https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS for an explanation of the functionality and the security implications.
+ * See https://docs.nextcloud.com/server/latest/developer_manual/digging_deeper/rest_apis.html on how to implement it in your controller.
  *
  * @since 27.0.0
  */
author	provokateurin <kate@provokateurin.de>	2025-01-07 15:41:19 +0100
committer	backportbot[bot] <backportbot[bot]@users.noreply.github.com>	2025-01-09 11:07:09 +0000
commit	9f9576073468cd8804a290592a5d7215cc6b3de5 (patch)
tree	4d59adc583086d8edffbc3361350af30dc6052c9 /lib
parent	01f89cb2c7f99fc1280c54e4364c7c5c7d61c9bc (diff)
download	nextcloud-server-backport/50070/stable30.tar.gz nextcloud-server-backport/50070/stable30.zip