From aaa00216d4befcd78263ff31ae6cbec0601c9035 Mon Sep 17 00:00:00 2001
From: ansuz <git@ansuz.xyz>
Date: Fri, 18 Feb 2022 16:13:47 +0530
Subject: [PATCH] add a note about what configurations are supported re: third
 party embedding

---
 www/checkup/main.js | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/www/checkup/main.js b/www/checkup/main.js
index c858e6281..8b2450f19 100644
--- a/www/checkup/main.js
+++ b/www/checkup/main.js
@@ -1024,6 +1024,13 @@ define([
         });
     });
 
+/*  Only two use-cases are currently supported:
+    1. remote embedding is enabled, and fully permissive
+    2. remote embedding is disabled, so media-tags can only be loaded on your instance
+
+    Support for selectively enabling embedding on remote sites is far more complicated
+    and will need funding.
+*/
     assert(function (cb, msg) {
         var header = 'Access-Control-Allow-Origin';
         Tools.common_xhr('/', function (xhr) {