Add reminder about the CORS policy

2025-11-25 02:50:36 +01:00 · 2025-02-25 20:08:54 +01:00
parent dbca3a20c1
commit e04b00317e
189 changed files with 21646 additions and 24 deletions
--- a/opensaas-sh/blog/src/content/docs/guides/deploying.mdx
+++ b/opensaas-sh/blog/src/content/docs/guides/deploying.mdx
@@ -30,10 +30,13 @@ These are the steps necessary for you to deploy your app. We recommend you follo
 Each of these steps is covered in more detail below.

 ### Prerequisites
-
-Make sure you've got all your API keys and environment variables set up before you deploy. 
+#### AWS S3 CORS configuration
+If you're storing files in AWS S3, ensure you've listed your production domain
+in the bucket's CORS configuration under `AllowedOrigins`. Check the [File
+uploading guide](/guides/file-uploading/#change-the-cors-settings) for details.

 #### Env Vars
+Make sure you've got all your API keys and environment variables set up before you deploy.
 ##### Payment Processor Vars
 In the [Payments Processor integration guide](/guides/payments-integration/), you set up your API keys using test keys and test product ids. You'll need to get the live/production versions of those keys. To get these, repeat the instructions in the [Integration Guide](/guides/payments-integration/) without being in test mode. Add the new keys to your deployed environment secrets.

--- a/opensaas-sh/blog/src/content/docs/guides/file-uploading.mdx
+++ b/opensaas-sh/blog/src/content/docs/guides/file-uploading.mdx
@@ -81,28 +81,32 @@ Now we need to change some permissions on the bucket to allow for file uploads f
    <Image src={cors} alt="cors" loading="lazy" />
 5. Insert the correct CORS configuration and click `Save changes`. You can
   copy-paste most of the config below, but **you must edit the
-  `AllowedOrigins` field** to fit your app. Include `http://localhost:3000` for
-local development, and `https://<your domain>` for production.
-    ```json {11,12}
-    [
-        {
-            "AllowedHeaders": [
-                "*"
-            ],
-            "AllowedMethods": [
-                "PUT",
-                "GET"
-            ],
-            "AllowedOrigins": [
-                "http://localhost:3000",
-                "https://<your-domain>"
-            ],
-            "ExposeHeaders": []
-        }
-    ]
-    ```
-    As an example, here are the CORS permissions for this site - https://opensaas.sh:
-    <Image src={corsExample} alt="cors-example" loading="lazy" />
+   `AllowedOrigins` field** to fit your app. Include `http://localhost:3000` for
+   local development, and `https://<your domain>` for production.
+
+   If you don't yet have a domain name, just list `http://localhost:3000` for
+   now. We'll remind you to add your domain before deploying to production in
+   the [Deployment docs](/guides/deploying/#aws-s3-cors-configuration).
+   ```json {11,12}
+   [
+       {
+           "AllowedHeaders": [
+               "*"
+           ],
+           "AllowedMethods": [
+               "PUT",
+               "GET"
+           ],
+           "AllowedOrigins": [
+               "http://localhost:3000",
+               "https://<your-domain>"
+           ],
+           "ExposeHeaders": []
+       }
+   ]
+   ```
+   As an example, here are the CORS permissions for this site - https://opensaas.sh:
+   <Image src={corsExample} alt="cors-example" loading="lazy" />

 ### Get your AWS S3 credentials