X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/b85cb1ba40385444f9494bbb88248ab65d700c85..f4ca9ad94a6bb006d1f3c7ba207837f1736d1247:/services/keep-web/doc.go

diff --git a/services/keep-web/doc.go b/services/keep-web/doc.go
index 4207d7bfc7..9ca732f01a 100644
--- a/services/keep-web/doc.go
+++ b/services/keep-web/doc.go
@@ -217,7 +217,7 @@
 //
 // In "trust all content" mode, Keep-web will accept credentials (API
 // tokens) and serve any collection X at
-// "https://collections.example.com/collections/X/path/file.ext".
+// "https://collections.example.com/c=X/path/file.ext".
 // This is UNSAFE except in the special case where everyone who is
 // able write ANY data to Keep, and every JavaScript and HTML file
 // written to Keep, is also trusted to read ALL of the data in Keep.
@@ -232,4 +232,9 @@
 //
 //   keep-web -listen :9999 -attachment-only-host domain.example:9999 -trust-all-content
 //
+// Depending on your site configuration, you might also want to enable
+// "trust all content" setting on Workbench. Normally, Workbench
+// avoids redirecting requests to keep-web if they depend on
+// -trust-all-content being set.
+//
 package main