From 11feecf7726f6bbd5cf478bd7d8bc03abb00cde8 Mon Sep 17 00:00:00 2001
From: provokateurin <kate@provokateurin.de>
Date: Tue, 7 Jan 2025 15:41:19 +0100
Subject: [PATCH] docs(HTTP): Add proper docs for CORS attribute

Signed-off-by: provokateurin <kate@provokateurin.de>
---
 lib/public/AppFramework/Http/Attribute/CORS.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/public/AppFramework/Http/Attribute/CORS.php b/lib/public/AppFramework/Http/Attribute/CORS.php
index 2c3eac362cffe..ff63963563562 100644
--- a/lib/public/AppFramework/Http/Attribute/CORS.php
+++ b/lib/public/AppFramework/Http/Attribute/CORS.php
@@ -12,7 +12,9 @@
 use Attribute;
 
 /**
- * Attribute for controller methods that can also be accessed by not logged-in user
+ * Attribute for controller methods that can also be accessed by other websites.
+ * See https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS for an explanation of the functionality and the security implications.
+ * See https://docs.nextcloud.com/server/latest/developer_manual/digging_deeper/rest_apis.html on how to implement it in your controller.
  *
  * @since 27.0.0
  */