From d1d5e448a304b0240c1dcd03613646d17eef3460 Mon Sep 17 00:00:00 2001
From: Christian Boettcher <c.boettcher@fz-juelich.de>
Date: Mon, 14 Mar 2022 12:10:17 +0100
Subject: [PATCH] set cors headers for accepted domains

---
 proxy_image/default_location | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/proxy_image/default_location b/proxy_image/default_location
index 290d076..ee62b8d 100644
--- a/proxy_image/default_location
+++ b/proxy_image/default_location
@@ -1,3 +1,13 @@
+if ($http_origin ~* (.*\.kfa-juelich.de|.*\.fz-juelich.de|.*\.eflows4hpc.eu)) {
+    add_header 'Access-Control-Allow-Origin' "$http_origin";
+    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE, PUT';
+    add_header 'Access-Control-Allow-Credentials' 'true';
+    add_header 'Access-Control-Allow-Headers' 'User-Agent,Keep-Alive,Content-Type';
+}
+if ($request_method = OPTIONS) {
+    return 204;
+}
+
 location ~ \.(html|css|js|ico|jpg|jpeg|png|webp)$ {
     if ($request_method = OPTIONS) {
         return 204;
-- 
GitLab