Description
Create a dedicated guide for CORS configuration in Nerva APIs. The pipeline config sets CORS defaults (`origins: ["*"]`), but there's no documentation explaining how to configure CORS for different environments.
Why
CORS misconfiguration is one of the most common API deployment issues. New developers frequently struggle with CORS errors. A dedicated guide with environment-specific examples (development wildcard, production allowlist) prevents hours of debugging.
Current State
`pipeline.config.json`:
```json
"cors": {
"enabled": true,
"origins": ["*"],
"methods": ["GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"],
"allowHeaders": ["Content-Type", "Authorization", "X-API-Key"],
"maxAge": 86400
}
```
Acceptance Criteria
Description
Create a dedicated guide for CORS configuration in Nerva APIs. The pipeline config sets CORS defaults (`origins: ["*"]`), but there's no documentation explaining how to configure CORS for different environments.
Why
CORS misconfiguration is one of the most common API deployment issues. New developers frequently struggle with CORS errors. A dedicated guide with environment-specific examples (development wildcard, production allowlist) prevents hours of debugging.
Current State
`pipeline.config.json`:
```json
"cors": {
"enabled": true,
"origins": ["*"],
"methods": ["GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"],
"allowHeaders": ["Content-Type", "Authorization", "X-API-Key"],
"maxAge": 86400
}
```
Acceptance Criteria