Fixed misleading info in README and source file about patterns

haproxytechblog · haproxytechblog · commit 8461ba852b06 · 2022-01-08T19:56:56.000-05:00
diff --git a/README.md b/README.md
@@ -48,11 +48,11 @@ For the list of allowed origins, you can specify patterns such as:
 
 | pattern                       | example                  | description                                                             |
 |-------------------------------|--------------------------|-------------------------------------------------------------------------|
-| domain name alone             | mydomain.com             | allow any scheme (HTTP or HTTPS) for mydomain.com from ALL source ports |
-| generic schema and domain     | //mydomain.com           | allow any scheme (HTTP or HTTPS) for mydomain.com from ALL source ports |
+| domain name alone             | mydomain.com             | allow any scheme (HTTP or HTTPS) for mydomain.com                       |
+| generic schema and domain     | //mydomain.com           | allow any scheme (HTTP or HTTPS) for mydomain.com                       |
 | schema and domain name        | https://mydomain.com     | allow only HTTPS of mydomain.com                                        |
 | schema, domain name, and port | http://mydomain.com:8080 | allow only HTTP of mydomain.com from port 8080                          |
-| dot and domain name           | .mydomain.com            | allow ALL subdomains of mydomain.com from ALL source ports              |
+| dot and domain name           | .mydomain.com            | allow ALL subdomains of mydomain.com                                    |
 | dot, domain name, and port    | .mydomain.com:443        | allow ALL subdomains of mydomain.com from default HTTPS source port     |
 
 ## Examples
diff --git a/lib/cors.lua b/lib/cors.lua
@@ -70,12 +70,12 @@ end
 -- If the given origin is found within the allowed_origins string, it is returned. Otherwise, nil is returned.
 -- origin: The value from the 'origin' request header
 -- allowed_origins: Comma-delimited list of allowed origins. (e.g. localhost,https://localhost:8080,//test.com)
---   e.g. localhost                : allow http(s)://localhost from ALL source ports
---   e.g. //localhost              : allow http(s)://localhost from ALL source ports
+--   e.g. localhost                : allow http(s)://localhost
+--   e.g. //localhost              : allow http(s)://localhost
 --   e.g. https://mydomain.com     : allow only HTTPS of mydomain.com
 --   e.g. http://mydomain.com      : allow only HTTP of mydomain.com
 --   e.g. http://mydomain.com:8080 : allow only HTTP of mydomain.com from port 8080
---   e.g. //mydomain.com           : allow only http(s)://mydomain.com from ALL source ports
+--   e.g. //mydomain.com           : allow only http(s)://mydomain.com
 --   e.g. .mydomain.com            : allow ALL subdomains of mydomain.com from ALL source ports
 --   e.g. .mydomain.com:443        : allow ALL subdomains of mydomain.com from default HTTPS source port
 -- 
