From fb4f98ebf646b8aa9ac07c9b53d16961a4ca02c3 Mon Sep 17 00:00:00 2001
From: Untone <anton.rewin@gmail.com>
Date: Thu, 29 May 2025 18:15:50 +0300
Subject: [PATCH] allow-origin-fix

---
 nginx.conf.sigil | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/nginx.conf.sigil b/nginx.conf.sigil
index c44165eb..48f98021 100644
--- a/nginx.conf.sigil
+++ b/nginx.conf.sigil
@@ -10,6 +10,14 @@ proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=my_cache:10m max_size=1g
 limit_conn_zone $binary_remote_addr zone=addr:10m;
 limit_req_zone $binary_remote_addr zone=req_zone:10m rate=20r/s;
 
+# Map to set CORS origin header
+map $http_origin $allow_origin {
+    default '';
+    "https://localhost:3000" "https://localhost:3000";
+    "https://testing.discours.io" "https://testing.discours.io";
+    "https://testing3.discours.io" "https://testing3.discours.io";
+}
+
 {{ range $port_map := .PROXY_PORT_MAP | split " " }}
 {{ $port_map_list := $port_map | split ":" }}
 {{ $scheme := index $port_map_list 0 }}
@@ -57,6 +65,10 @@ server {
 
         # Handle CORS preflight requests
         if ($request_method = 'OPTIONS') {
+            add_header 'Access-Control-Allow-Origin' $allow_origin always;
+            add_header 'Access-Control-Allow-Methods' 'POST, GET, OPTIONS' always;
+            add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization' always;
+            add_header 'Access-Control-Allow-Credentials' 'true' always;
             add_header 'Access-Control-Max-Age' 1728000;
             add_header 'Content-Type' 'text/plain; charset=utf-8';
             add_header 'Content-Length' 0;