fixes for CORS

nginx.conf

@@ -176,15 +176,25 @@ server {
     listen 80;
     server_name dcr.aetoskia.com;
 
-    location / {
+    location /v2/ {
         proxy_pass http://private-pi:6005;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
-        proxy_http_version 1.1;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection "upgrade";
+
+        # CORS headers
+        add_header 'Access-Control-Allow-Origin' 'http://registry.aetoskia.com' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type' always;
+
+        # Handle OPTIONS preflight
+        if ($request_method = OPTIONS ) {
+            add_header 'Access-Control-Max-Age' 1728000;
+            add_header 'Content-Type' 'text/plain charset=UTF-8';
+            add_header 'Content-Length' 0;
+            return 204;
+        }
     }
 }