README missing documentation about CORS configuration #20

@anxkhn

Context

The application configures CORS middleware in app/main.py (allowing all origins, methods, and headers), but the README.md does not mention CORS at all. Contributors and API consumers should know that CORS is enabled and how it is configured, especially since allow_origins=["*"] has security implications.

Steps to reproduce

  1. Open README.md.
  2. Search for "CORS" -- no results.
  3. Open app/main.py and see the CORS middleware configuration near the top.

Expected behavior

The README should have a section (or a note in an existing section) documenting:

  • That CORS middleware is enabled
  • The current configuration (all origins allowed)
  • A note that this is suitable for development but should be restricted in production

Actual behavior

No mention of CORS anywhere in the README.

Files

  • README.md -- add a CORS section or note
  • app/main.py -- the existing CORS middleware setup (for reference)

Acceptance criteria

  • README includes a section or note about CORS configuration
  • It mentions that all origins are currently allowed
  • It advises restricting origins in production
  • The documentation matches the actual code configuration

Suggested approach

  1. Open README.md.
  2. Add a section after "API Endpoints", for example:
    ## CORS
    
    The application includes CORS middleware that allows requests from all origins.
    This is configured in `app/main.py`. For production deployments, restrict
    `allow_origins` to your specific frontend domain(s).
  3. Review the section for accuracy against the code in app/main.py.
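
An added example, not part of the issue or the project's code: one way to act on the "restrict origins in production" advice, assuming the middleware in app/main.py is Starlette/FastAPI's `CORSMiddleware` (where the `allow_origins` parameter comes from). The environment variable names `APP_ENV` and `CORS_ALLOW_ORIGINS`, the helper names, and the production method and header lists are assumptions.

```python
import os
from urllib.parse import urlsplit


def parse_origins(raw):
    """Split a comma-separated origin list and validate every entry."""
    origins = []
    for item in raw.split(","):
        item = item.strip()
        if not item:
            continue
        if "*" in item:
            raise ValueError(f"wildcard origin not allowed in production: {item!r}")
        parts = urlsplit(item)
        # An origin is scheme://host[:port] only; browsers send no trailing slash.
        if parts.scheme not in ("http", "https") or not parts.hostname:
            raise ValueError(f"not a valid origin: {item!r}")
        if parts.path or parts.query or parts.fragment:
            raise ValueError(f"origin must not carry a path or query: {item!r}")
        origins.append(item)
    if not origins:
        raise ValueError("no allowed origins configured for production")
    return origins


def cors_settings(env=None):
    """Return keyword arguments for CORSMiddleware based on the environment."""
    env = os.environ if env is None else env
    if env.get("APP_ENV", "development") != "production":  # hypothetical variable
        # Development: the permissive configuration the issue describes.
        return {"allow_origins": ["*"], "allow_methods": ["*"], "allow_headers": ["*"]}
    return {
        "allow_origins": parse_origins(env.get("CORS_ALLOW_ORIGINS", "")),
        "allow_methods": ["GET", "POST"],  # assumed; list what the API uses
        "allow_headers": ["Authorization", "Content-Type"],  # assumed
    }


# Assumed wiring in app/main.py:
#   app.add_middleware(CORSMiddleware, **cors_settings())
```

Failing at startup on a missing or malformed origin list keeps a production deployment from silently falling back to the wildcard.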

Labels: documentation, good first issue
