From 681a8af8b192387ada5045ad0d7db53b1ec131b6 Mon Sep 17 00:00:00 2001
From: Elizabeth Hunt <me@liz.coffee>
Date: Sun, 4 Jan 2026 21:15:44 -0800
Subject: Fix CORS

---
 nginx.conf | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'nginx.conf')

diff --git a/nginx.conf b/nginx.conf
index 70946b7..7b9479a 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -52,22 +52,33 @@ http {
     location ~* \.(css|js)$ {
       expires 30m;
       add_header Cache-Control "public, max-age=1800" always;
+      add_header Access-Control-Allow-Origin "*" always;
+      add_header Access-Control-Allow-Methods "GET, OPTIONS" always;
+      add_header Access-Control-Allow-Headers "Content-Type" always;
     }
 
     location ~* \.(woff|woff2|ttf|otf|eot)$ {
       expires 30m;
       add_header Cache-Control "public, max-age=1800" always;
       add_header Access-Control-Allow-Origin "*" always;
+      add_header Access-Control-Allow-Methods "GET, OPTIONS" always;
+      add_header Access-Control-Allow-Headers "Content-Type" always;
     }
 
     location ~* \.(jpg|jpeg|png|gif|svg|ico|webp)$ {
       expires 30m;
       add_header Cache-Control "public, max-age=1800" always;
+      add_header Access-Control-Allow-Origin "*" always;
+      add_header Access-Control-Allow-Methods "GET, OPTIONS" always;
+      add_header Access-Control-Allow-Headers "Content-Type" always;
     }
 
     location / {
       expires 30m;
       add_header Cache-Control "public, max-age=1800" always;
+      add_header Access-Control-Allow-Origin "*" always;
+      add_header Access-Control-Allow-Methods "GET, OPTIONS" always;
+      add_header Access-Control-Allow-Headers "Content-Type" always;
       try_files $uri $uri/ =404;
     }
   }
-- 
cgit v1.2.3-70-g09d2