From baf9b9c53d8b59937cc820a4d0fd17cfeb354f13 Mon Sep 17 00:00:00 2001
From: yaso <yasienmeth@gmail.com>
Date: Sat, 25 Jan 2025 12:34:13 +0200
Subject: [PATCH] v8

---
 nginx/nginx.conf | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/nginx/nginx.conf b/nginx/nginx.conf
index 4d24be99..2fedd8ed 100644
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -158,17 +158,18 @@ http {
             # Handle preflight OPTIONS requests
             if ($request_method = OPTIONS ) {
                 # Add CORS headers for preflight request
-                add_header 'Access-Control-Allow-Origin' '*' always;
+                add_header 'Access-Control-Allow-Origin' 'https://app.mzansi-innovation-hub.co.za' always;
                 # add_header 'Access-Control-Allow-Credentials' 'true' always;
                 add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
-                add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type' always;
+                add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type, Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers' always;
                 add_header 'Access-Control-Max-Age' 1728000;
                 return 204;
             }
 
-            add_header 'Access-Control-Allow-Origin' '*' always;
+            add_header 'Access-Control-Allow-Origin' 'https://app.mzansi-innovation-hub.co.za' always;
             # add_header 'Access-Control-Allow-Credentials' 'true' always;
-            add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type' always;
+            add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type, Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers' always;
+
 
             proxy_pass http://MIH-AI:11434/;
             proxy_set_header Host $host;