Docs: document effects of disabling CORS configurer

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
Daniel Garnier-Moiroux 6 days ago
parent
commit
4feeb0f843

+ 8 - 1
docs/modules/ROOT/pages/reactive/integrations/cors.adoc

@@ -1,4 +1,3 @@
-
 [[webflux-cors]]
 = CORS
 
@@ -75,3 +74,11 @@ fun springSecurityFilterChain(http: ServerHttpSecurity): SecurityWebFilterChain
 }
 ----
 ======
+
+[WARNING]
+====
+CORS is a browser-based security feature.
+By disabling CORS in Spring Security, you are not removing CORS protection from your browser.
+Instead, you are removing CORS support from Spring Security, and users will not be able to interact with your Spring backend from a cross-origin browser application.
+To fix CORS errors in your application, you must enable CORS support, and provide an appropriate configuration source.
+====
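Review bot: The second sentence of this warning ("By disabling CORS in Spring Security, you are not removing CORS protection from your browser.") does not name the call that disables CORS, whereas the same sentence added to the servlet page names `.cors(CorsConfigurer::disable)`. Name the reactive equivalent here as well, so that a reader who has that call in their `springSecurityFilterChain` configuration can see that the warning applies to it.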

+ 8 - 0
docs/modules/ROOT/pages/servlet/integrations/cors.adoc

@@ -183,3 +183,11 @@ fun corsConfigurationSource(): UrlBasedCorsConfigurationSource {
 }
 ----
 ======
+
+[WARNING]
+====
+CORS is a browser-based security feature.
+By disabling CORS in Spring Security with `.cors(CorsConfigurer::disable)`, you are not removing CORS protection from your browser.
+Instead, you are removing CORS support from Spring Security, and users will not be able to interact with your Spring backend from a cross-origin browser application.
+To fix CORS errors in your application, you must enable CORS support, and provide an appropriate configuration source.
+====
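Review bot: The last sentence ("you must enable CORS support, and provide an appropriate configuration source") leaves "appropriate" undefined even though the `corsConfigurationSource()` example sits directly above this warning; point to that example explicitly. Separately, "CORS protection" in the second sentence is loose: what the browser enforces is the same-origin policy, and CORS is how a server relaxes it, so wording such as "you are not removing the browser's cross-origin restrictions" would be more accurate. The same sentence appears in the reactive page and should be changed in both places.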