Update readme file to include a tip to allow mcp-session-id in CORS when

Author: Achintha444

README.md

@@ -307,6 +307,21 @@ app.delete('/mcp', handleSessionRequest);
 app.listen(3000);
 ```
 
+> [!TIP]
+> When using this in a remote environment, make sure to allow the header parameter `mcp-session-id` in CORS. Otherwise, it may result in a `Bad Request: No valid session ID provided` error. 
+> 
+> For example, in Node.js you can configure it like this:
+> 
+> ```ts
+> app.use(
+>   cors({
+>     origin: '*',
+>     exposedHeaders: ['mcp-session-id'],
+>     allowedHeaders: ['Content-Type', 'mcp-session-id'],
+>   })
+> );
+> ```
+
 #### Without Session Management (Stateless)
 
 For simpler use cases where session management isn't needed: