From 9f29086afe61fd1d6e34f268ea02c2e71139c65b Mon Sep 17 00:00:00 2001
From: Ian Renton <ian@ianrenton.com>
Date: Sat, 4 Oct 2025 12:07:17 +0100
Subject: [PATCH] nginx config notes

---
 README.md | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md
index 536e497..a93a218 100644
--- a/README.md
+++ b/README.md
@@ -92,18 +92,14 @@ server {
         alias /var/www/html/.well-known/;
     }
     
-    # Allow cross-origin API access
-    location ~ ^/api/.*$ {
-        add_header Access-Control-Allow-Origin *;
-    }
-    
     location / {
+        add_header Access-Control-Allow-Origin *;
         proxy_pass http://127.0.0.1:8080;
     }
 }
 ```
 
-One further change you might want to make to the file above is the cross-origin API access block. This is what's used on
+One further change you might want to make to the file above is the `add_header Access-Control-Allow-Origin *;` statement. This is what's used on
 my own Spothole server to make sure that other third-party web-based software can get the data from my instance. If you want
 *your* Spothole instance to be set up the same way, so that others can write software in JavaScript that can access it,
 leave this intact. But if you want your Spothole instance to only be usable by scripts running on the web server you write,