Update README.md

README.md

@@ -1,5 +1,19 @@
-Proxy files for DotNet, Java and PHP
-====================================
+# Best practices
+
+There are several recommended solutions to use instead of your own resource-proxy:
+
+* Enable [CORS](http://enable-cors.org/server.html) on the non-CORS enabled web server.
+* Configure your security settings in [ArcGIS Online](https://doc.arcgis.com/en/arcgis-online/administer/configure-security.htm) or [Portal](https://enterprise.arcgis.com/en/portal/10.5/administer/windows/configure-security.htm). 
+* Access secure services [using ArcGIS Online](https://doc.arcgis.com/en/arcgis-online/reference/arcgis-server-services.htm#ESRI_SECTION1_FEB0DF92DA064B6A970DFB59A18AA4C2) to store your username/password credentials. 
+
+### Developer tools for working with CORS
+
+For testing and development when working with CORS-enabled services:
+
+* There are Chrome extensions available through the [Chrome web store](https://chrome.google.com/webstore/search/cors?_category=extensions).
+* Some browsers may allow you to temporarily modify the enforcement of the `same-origin` policy. For example, in Chrome you can set the `--disable-web-security` command-line flag. More information is available in [Run Chromium with flags](https://www.chromium.org/developers/how-tos/run-chromium-with-flags).
+
+# Proxy files for DotNet, Java and PHP
 
 These proxy files support:
 * Accessing cross domain resources
@@ -11,13 +25,6 @@ These proxy files support:
 
 Ensure that you follow the [Terms & Conditions](https://developers.arcgis.com/terms/) of the Esri systems and software that you are working with. In general, it is not permitted to embed credentials in a resource proxy for the purpose of bypassing Named User authentication (i.e. the principle that each end-user must have their own unique login). This is true both when using a resource proxy with ArcGIS Online as well as for ArcGIS Server sites federated as part of an ArcGIS Enterprise deployment.
 
-## Alternatives
-
-There are several good alternative solutions to use instead of your own resource-proxy:
-
-* [Enable CORS on your server](http://enable-cors.org/server.html) - in order to access cross domain resources.
-* Access secure services [using ArcGIS Online](https://doc.arcgis.com/en/arcgis-online/reference/arcgis-server-services.htm#ESRI_SECTION1_FEB0DF92DA064B6A970DFB59A18AA4C2) to store your username/password credentials. See also the [Working with Proxy Services](https://developers.arcgis.com/documentation/core-concepts/security-and-authentication/working-with-proxies/) topic.
-
 ## Instructions
 
 * Download and unzip the .zip file or clone the repository. You can download [a released version](https://github.com/Esri/resource-proxy/releases) (recommended) or the [most recent daily build](https://github.com/Esri/resource-proxy/archive/master.zip).
@@ -117,7 +124,7 @@ Esri welcomes [contributions](CONTRIBUTING.md) from anyone and everyone. Please
 
 ## License
 
-Copyright 2017 Esri
+Copyright 2014-2021 Esri
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.