From 833574a1ef06bb23d5b8dec70c2ec1f3d4064f3a Mon Sep 17 00:00:00 2001
From: Ellie Schieder <102893018+ellieschieder@users.noreply.github.com>
Date: Mon, 8 Apr 2024 09:32:07 +0200
Subject: [PATCH] Update doh.ffmuc.net.conf to add pre-flight CORS support.

This update corrects CORS Headers by adding pre-flight support
---
 nginx/domains/doh.ffmuc.net.conf | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/nginx/domains/doh.ffmuc.net.conf b/nginx/domains/doh.ffmuc.net.conf
index 2fc7c3f..f0aad1c 100644
--- a/nginx/domains/doh.ffmuc.net.conf
+++ b/nginx/domains/doh.ffmuc.net.conf
@@ -61,9 +61,19 @@ server {
 
         # Add CORS Header to allow access via JavaScript see: https://github.com/freifunkMUC/ffmuc-salt-public/issues/125
         add_header 'Access-Control-Allow-Origin' '*' always;
-        add_header 'Access-Control-Allow-Methods' 'GET, POST' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
         add_header 'Access-Control-Allow-Headers' '*' always;
 
+        # Allow pre-flight request see: https://github.com/freifunkMUC/ffmuc-salt-public/issues/162
+        # If a Browser is using pre-flight request using OPTIONS method, return 204 and an empty body.
+        if ($request_method = 'OPTIONS') {
+            add_header 'Content-Type' 'text/plain charset=UTF-8';
+            add_header 'Content-Length' 0;
+            # Allows caching of CORS response for upto 1 day; 
+            # Firefox overwrites to max 1 day; Chrome overwrites to max 2hr
+            add_header 'Access-Control-Max-Age' 86400;
+            return 204;
+        }
     }
     location / {
         if ( $request_method = GET ) {