refactor(settings/api): drop the duplicated CORS hint, slim token-policy intro

The token-policy card had an info blockquote that paraphrased the two
field labels, and the CORS card stated "one origin per line" three
times (blockquote, DB description, muted footer). Now the CORS hint
comes only from the setting description, which already includes the
per-line note in both locales. The danger warning on the revoke action
stays put.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-04-25 18:22:41 +02:00
parent 015d911ef8
commit 1f46ea602f

View File

@@ -61,9 +61,6 @@ $readonlyAttr = $isReadOnly ? 'readonly' : '';
</span>
</summary>
<div class="app-details-card-container">
<blockquote data-variant="info">
<small><?php e(t('These limits define default and maximum lifetimes for newly issued API tokens.')); ?></small>
</blockquote>
<div class="grid">
<label class="app-field">
<span><?php e(t('API token default lifetime (days)')); ?> <span class="badge" data-variant="info"><?php e(t('Cached')); ?></span></span>
@@ -90,15 +87,11 @@ $readonlyAttr = $isReadOnly ? 'readonly' : '';
</span>
</summary>
<div class="app-details-card-container">
<blockquote data-variant="info">
<small><?php e(t('Define which origins may call your API from browsers. Use one origin per line.')); ?></small>
</blockquote>
<label class="app-field">
<span><?php e(t('Allowed CORS origins')); ?> <span class="badge" data-variant="info"><?php e(t('Cached')); ?></span></span>
<textarea name="api_cors_allowed_origins" rows="4" placeholder="https://app.example.com&#10;https://admin.example.com" <?php e($readonlyAttr); ?>><?php e($apiCorsAllowedOrigins); ?></textarea>
<small><?php e(t($apiCorsAllowedOriginsDesc)); ?></small>
</label>
<small class="muted"><?php e(t('One origin per line, e.g. https://app.example.com')); ?></small>
</div>
</details>