From e4e537b69f397e8addb05783f976406eb408b75d Mon Sep 17 00:00:00 2001
From: mr1716 <msr1716@rit.edu>
Date: Wed, 5 Feb 2025 07:04:24 -0500
Subject: [PATCH] Update security.md

---
 docs/configuration/security.md | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/docs/configuration/security.md b/docs/configuration/security.md
index b97f31432..23e93fa94 100644
--- a/docs/configuration/security.md
+++ b/docs/configuration/security.md
@@ -55,17 +55,18 @@ If True, cross-origin resource sharing (CORS) requests will be accepted from all
 
 ## CORS_ORIGIN_WHITELIST
 
-## CORS_ORIGIN_REGEX_WHITELIST
-
-These settings specify a list of origins that are authorized to make cross-site API requests. Use
-`CORS_ORIGIN_WHITELIST` to define a list of exact hostnames, or `CORS_ORIGIN_REGEX_WHITELIST` to define a set of regular 
-expressions. (These settings have no effect if `CORS_ORIGIN_ALLOW_ALL` is True.) For example:
-
+This setting specifies a list of hostnames that are allowed to make cross-site API requests. Please note that this setting will have no effect if `CORS_ORIGIN_ALLOW_ALL` is True. For example:
 ```python
 CORS_ORIGIN_WHITELIST = [
     'https://example.com',
 ]
 ```
+---
+
+## CORS_ORIGIN_REGEX_WHITELIST
+
+These settings specify a list of origins that are authorized to make cross-site API requests. This value, `CORS_ORIGIN_REGEX_WHITELIST`, is used to define a set of regular 
+expressions. (These settings have no effect if `CORS_ORIGIN_ALLOW_ALL` is True.) 
 
 ---