From f633d3006e7bb966a2bdbdb89bdf9c580adc8ce3 Mon Sep 17 00:00:00 2001
From: Travis Ralston <travisr@matrix.org>
Date: Wed, 4 Sep 2024 12:49:51 -0600
Subject: [PATCH] Update spec text for CORS MSC (#4187)

---
 proposals/4138-update-cors-methods.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/proposals/4138-update-cors-methods.md b/proposals/4138-update-cors-methods.md
index ecadc187abb..fedcb762449 100644
--- a/proposals/4138-update-cors-methods.md
+++ b/proposals/4138-update-cors-methods.md
@@ -10,7 +10,11 @@ the `Access-Control-Allow-Methods` header.
 ## Proposal
 
 The [`Access-Control-Allow-Methods` header's recommended value](https://spec.matrix.org/v1.10/client-server-api/#web-browser-clients)
-is updated to include the following:
+is updated to note that the HTTP methods described cover existing specified endpoints. Servers which
+support additional endpoints or methods should add those methods as well. The specification will be
+updated whenever a new method is supported by an endpoint.
+
+Examples of possible future-use methods include:
 
 * `PATCH` - A plausibly useful HTTP method for future use.
 * `HEAD` - Similar to `PATCH`, `HEAD` is plausibly useful for feature detection and cases like