From fb69c8a9470a61fc99254584ae24f0e56da32b1e Mon Sep 17 00:00:00 2001
From: Dhananjay Agrawal <dhananjay.agrawal@aexp.com>
Date: Fri, 28 Oct 2022 11:35:13 -0400
Subject: [PATCH 1/2] (fix): readme updated for #271 origin option for *

---
 README.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index c42d4a7..f35fa61 100644
--- a/README.md
+++ b/README.md
@@ -193,7 +193,9 @@ app.listen(80, function () {
 
 * `origin`: Configures the **Access-Control-Allow-Origin** CORS header. Possible values:
   - `Boolean` - set `origin` to `true` to reflect the [request origin](http://tools.ietf.org/html/draft-abarth-origin-09), as defined by `req.header('Origin')`, or set it to `false` to disable CORS.
-  - `String` - set `origin` to a specific origin. For example if you set it to `"http://example.com"` only requests from "http://example.com" will be allowed.
+  - `String` - set `origin` to a specific origin. For example, if you set it to
+    - `"http://example.com"` only requests from "http://example.com" will be allowed.
+    - `"*"` for all domains to be allowed. This is UNSAFE and not recommended.
   - `RegExp` - set `origin` to a regular expression pattern which will be used to test the request origin. If it's a match, the request origin will be reflected. For example the pattern `/example\.com$/` will reflect any request that is coming from an origin ending with "example.com".
   - `Array` - set `origin` to an array of valid origins. Each origin can be a `String` or a `RegExp`. For example `["http://example1.com", /\.example2\.com$/]` will accept any request from "http://example1.com" or from a subdomain of "example2.com".
   - `Function` - set `origin` to a function implementing some custom logic. The function takes the request origin as the first parameter and a callback (called as `callback(err, origin)`, where `origin` is a non-function value of the `origin` option) as the second.

From 57341a26f7c689e66c04d11754946f577fdb9f52 Mon Sep 17 00:00:00 2001
From: dhananjaysa92 <116092192+dhananjaysa92@users.noreply.github.com>
Date: Fri, 28 Oct 2022 14:25:05 -0400
Subject: [PATCH 2/2] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index f35fa61..6213678 100644
--- a/README.md
+++ b/README.md
@@ -195,7 +195,7 @@ app.listen(80, function () {
   - `Boolean` - set `origin` to `true` to reflect the [request origin](http://tools.ietf.org/html/draft-abarth-origin-09), as defined by `req.header('Origin')`, or set it to `false` to disable CORS.
   - `String` - set `origin` to a specific origin. For example, if you set it to
     - `"http://example.com"` only requests from "http://example.com" will be allowed.
-    - `"*"` for all domains to be allowed. This is UNSAFE and not recommended.
+    - `"*"` for all domains to be allowed. 
   - `RegExp` - set `origin` to a regular expression pattern which will be used to test the request origin. If it's a match, the request origin will be reflected. For example the pattern `/example\.com$/` will reflect any request that is coming from an origin ending with "example.com".
   - `Array` - set `origin` to an array of valid origins. Each origin can be a `String` or a `RegExp`. For example `["http://example1.com", /\.example2\.com$/]` will accept any request from "http://example1.com" or from a subdomain of "example2.com".
   - `Function` - set `origin` to a function implementing some custom logic. The function takes the request origin as the first parameter and a callback (called as `callback(err, origin)`, where `origin` is a non-function value of the `origin` option) as the second.