diff --git a/apps/svelte.dev/content/docs/kit/98-reference/50-configuration.md b/apps/svelte.dev/content/docs/kit/98-reference/50-configuration.md
index 1615a5b28f..5a5c7c0bbd 100644
--- a/apps/svelte.dev/content/docs/kit/98-reference/50-configuration.md
+++ b/apps/svelte.dev/content/docs/kit/98-reference/50-configuration.md
@@ -257,6 +257,7 @@ checkOrigin?: boolean;
- default `true`
+- deprecated Use `trustedOrigins: ['*']` instead
@@ -281,11 +282,13 @@ trustedOrigins?: string[];
-An array of origins that are allowed to make cross-origin form submissions to your app, even when `checkOrigin` is `true`.
+An array of origins that are allowed to make cross-origin form submissions to your app. Each origin should be a complete origin including protocol (e.g., `https://payment-gateway.com`). This is useful for allowing trusted third-party services like payment gateways or authentication providers to submit forms to your app.
+If the array contains `'*'`, all origins will be trusted. This is generally not recommended!
+ **Warning**: Only add origins you completely trust, as this bypasses CSRF protection for those origins.