Tighten up S3 CORS configuration

opensaas-sh/blog/src/content/docs/guides/file-uploading.mdx

@@ -11,6 +11,7 @@ import defaultSettings from '@assets/file-uploads/default-settings.png';
 import newBucket from '@assets/file-uploads/new-bucket.png';
 import permissions from '@assets/file-uploads/permissions.png';
 import cors from '@assets/file-uploads/cors.png';
+import corsExample from '@assets/file-uploads/cors-example.png';
 import username from '@assets/file-uploads/username.png';
 import keys from '@assets/file-uploads/keys.png';
 
@@ -78,8 +79,11 @@ Now we need to change some permissions on the bucket to allow for file uploads f
     <Image src={permissions} alt="permissions" loading="lazy" />
 3. Scroll down to the `Cross-origin resource sharing (CORS)` section and click `Edit`
     <Image src={cors} alt="cors" loading="lazy" />
-5. Paste the following CORS configuration and click `Save changes`:
-```json
+5. Insert the correct CORS configuration and click `Save changes`. You can
+   copy-paste most of the config below, but **you must edit the
+  `AllowedOrigins` field** to fit your app. Include `http://localhost:3000` for
+local development, and `https://<your domain>` for production.
+    ```json {11,12}
     [
         {
             "AllowedHeaders": [
@@ -90,12 +94,15 @@ Now we need to change some permissions on the bucket to allow for file uploads f
                 "GET"
             ],
             "AllowedOrigins": [
-            "*"
+                "http://localhost:3000",
+                "https://<your-domain>"
             ],
             "ExposeHeaders": []
         }
     ]
     ```
+    As an example, here are the CORS permissions for this site - https://opensaas.sh:
+    <Image src={corsExample} alt="cors-example" loading="lazy" />
 
 ### Get your AWS S3 credentials