NCEAS · artntek · Jan 24, 2025
diff --git a/helm/examples/values-dev-cluster-arctic-example.yaml b/helm/examples/values-dev-cluster-arctic-example.yaml
@@ -95,6 +95,71 @@ ingress:
 
   annotations:
     cert-manager.io/cluster-issuer: "letsencrypt-prod"
+############## EXPERIMENTAL CORS STUFF:
+
+    nginx.ingress.kubernetes.io/cors-allow-origin: "$http_origin"
+
+    # # # # # works for non-logged in stuff:
+    nginx.ingress.kubernetes.io/configuration-snippet: |
+      more_set_headers "Access-Control-Allow-Origin: $http_origin";
+    nginx.ingress.kubernetes.io/cors-allow-headers: "Authorization, Content-Type, Origin, Cache-Control"
+    nginx.ingress.kubernetes.io/cors-allow-credentials: "true"
+    nginx.ingress.kubernetes.io/cors-allow-methods: "GET, POST, PUT, OPTIONS"
+    nginx.ingress.kubernetes.io/cors-expose-headers: "*, X-Project-Key"
+    nginx.ingress.kubernetes.io/cors-max-age: "1728000"
+    nginx.ingress.kubernetes.io/enable-cors: "true"
+
+####### OTHER EXPERIMENTS:
+# 1:
+#    nginx.ingress.kubernetes.io/configuration-snippet: |-
+#      if ($request_method = 'OPTIONS') {
+#      add_header Access-Control-Allow-Origin "$http_origin";
+#      add_header Access-Control-Allow-Methods "GET, POST, PUT, OPTIONS";
+#      add_header Access-Control-Allow-Headers "Authorization, Content-Type, Origin, Cache-Control";
+#      add_header Content-Type "text/plain charset=UTF-8";
+#      add_header Content-Length 0;
+#      return 204;
+#      }
+#
+# 2:
+#    nginx.ingress.kubernetes.io/configuration-snippet: |-
+#      # if ($http_origin ~* "^https?://(example.com|example2.com)$") {
+#      if ($http_origin ~* "^https?://[^/]+") {
+#          set $allow_origin $http_origin;
+#      }
+#      more_set_headers 'Access-Control-Allow-Origin: $allow_origin';
+#      more_set_headers 'Access-Control-Allow-Credentials: true';
+#      more_set_headers 'Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS';
+#      more_set_headers 'Access-Control-Allow-Headers: Authorization, Content-Type, Origin, Cache-Control';
+#      if ($request_method = 'OPTIONS') {
+#          more_set_headers 'Access-Control-Max-Age: 1728000';
+#          more_set_headers 'Content-Type: text/plain charset=UTF-8';
+#          more_set_headers 'Content-Length: 0';
+#          return 204;
+#      }
+#
+# 3:
+#    nginx.ingress.kubernetes.io/configuration-snippet: |
+#      # Clear existing CORS headers
+#      proxy_set_header Access-Control-Allow-Origin "";
+#      proxy_set_header Access-Control-Allow-Methods "";
+#      proxy_set_header Access-Control-Allow-Headers "";
+#
+#      # Set new CORS headers
+#      if ($http_origin ~* "^https?://[^/]+") {
+#        add_header Access-Control-Allow-Origin "$http_origin";
+#      }
+#      add_header Access-Control-Allow-Methods "GET, POST, PUT, OPTIONS";
+#      add_header Access-Control-Allow-Headers "Authorization, Content-Type, Origin, Cache-Control";
+#      add_header Access-Control-Allow-Credentials "true";
+#
+#      # Handle OPTIONS preflight requests
+#      if ($request_method = 'OPTIONS') {
+#        add_header Content-Type "text/plain charset=UTF-8";
+#        add_header Content-Length 0;
+#        return 204;
+#      }
+
   tls:
     - hosts: [] # defaults to metacat.server.name
       secretName: ingress-nginx-tls-cert