From 3f165ca650a7af8b144a4486cd1e7a5dbd56daa2 Mon Sep 17 00:00:00 2001
From: Classic298 <27028174+Classic298@users.noreply.github.com>
Date: Wed, 12 Nov 2025 18:26:59 +0100
Subject: [PATCH] Update env-configuration.mdx

---
 docs/getting-started/env-configuration.mdx | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/docs/getting-started/env-configuration.mdx b/docs/getting-started/env-configuration.mdx
index bd974aec..1cf3c48d 100644
--- a/docs/getting-started/env-configuration.mdx
+++ b/docs/getting-started/env-configuration.mdx
@@ -1121,7 +1121,26 @@ Read more about `offline mode` in the [offline mode guide](/docs/tutorials/offli
 
 - Type: `str`
 - Default: `*`
-- Description: Sets the allowed origins for Cross-Origin Resource Sharing (CORS).
+- Description: Sets the allowed origins for Cross-Origin Resource Sharing (CORS). Smicolon ';' separated list of allowed origins.
+
+:::warning
+
+**This variable is required to be set**, otherwise you may experience Websocket issues and weird "{}" responses or "Unexpected token 'd', "data: {"id"... is not valid JSON".
+
+:::
+
+:::info
+
+If you experience Websocket issues, check the logs of Open WebUI.
+If you see lines like this `engineio.base_server:_log_error_once:354 - https://yourdomain.com is not an accepted origin.` then you need to configure your CORS_ALLOW_ORIGIN more broadly.
+
+Example:
+CORS_ALLOW_ORIGIN: "https://yourdomain.com;http://yourdomain.com;https://yourhostname;http://<your ip address>;http://localhost:3000"
+
+Add all valid IPs, Domains and Hostnames one might access your Open WebUI to the variable.
+Once you did, no more websocket issues or warnings in the console should occur.
+
+:::
 
 #### `CORS_ALLOW_CUSTOM_SCHEME`