From 5f10599a51074db98623e0b4155834edd1b0b4f7 Mon Sep 17 00:00:00 2001
From: Untone <anton.rewin@gmail.com>
Date: Thu, 29 May 2025 18:12:19 +0300
Subject: [PATCH] double-true-nginx-fix

---
 nginx.conf.sigil | 33 +++++++++------------------------
 1 file changed, 9 insertions(+), 24 deletions(-)

diff --git a/nginx.conf.sigil b/nginx.conf.sigil
index 54732bfc..c44165eb 100644
--- a/nginx.conf.sigil
+++ b/nginx.conf.sigil
@@ -49,34 +49,20 @@ server {
         {{ $proxy_settings }}
         {{ $gzip_settings }}
 
-        # Handle CORS for OPTIONS method
+        # Add CORS headers for all requests
+        add_header 'Access-Control-Allow-Origin' $allow_origin always;
+        add_header 'Access-Control-Allow-Methods' 'POST, GET, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization' always;
+        add_header 'Access-Control-Allow-Credentials' 'true' always;
+
+        # Handle CORS preflight requests
         if ($request_method = 'OPTIONS') {
-            add_header 'Access-Control-Allow-Origin' $allow_origin always;
-            add_header 'Access-Control-Allow-Methods' 'POST, GET, OPTIONS';
-            add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization' always;
-            add_header 'Access-Control-Allow-Credentials' 'true' always;
             add_header 'Access-Control-Max-Age' 1728000;
             add_header 'Content-Type' 'text/plain; charset=utf-8';
             add_header 'Content-Length' 0;
             return 204;
         }
 
-        # Handle CORS for POST method
-        if ($request_method = 'POST') {
-            add_header 'Access-Control-Allow-Origin' $allow_origin always;
-            add_header 'Access-Control-Allow-Methods' 'POST, GET, OPTIONS' always;
-            add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization' always;
-            add_header 'Access-Control-Allow-Credentials' 'true' always;
-        }
-
-        # Handle CORS for GET method
-        if ($request_method = 'GET') {
-            add_header 'Access-Control-Allow-Origin' $allow_origin always;
-            add_header 'Access-Control-Allow-Methods' 'POST, GET, OPTIONS' always;
-            add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization' always;
-            add_header 'Access-Control-Allow-Credentials' 'true' always;
-        }
-
         proxy_cache my_cache;
         proxy_cache_revalidate on;
         proxy_cache_min_uses 2;
@@ -95,14 +81,13 @@ server {
     }
 
     location ~* \.(mp3|wav|ogg|flac|aac|aif|webm)$ {
-      proxy_pass  http://{{ $.APP }}-{{ $upstream_port }};
-      if ($request_method = 'GET') {
+        proxy_pass  http://{{ $.APP }}-{{ $upstream_port }};
+        # Add CORS headers for audio files
         add_header 'Access-Control-Allow-Origin' $allow_origin always;
         add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
         add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
         add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
         add_header 'Access-Control-Allow-Credentials' 'true' always;
-      }
     }