kind: ConfigMap
apiVersion: v1
metadata:
  name: custom-snippets
  namespace: ingress-nginx
data:
  location-custom.conf: |
    set $globalcors "";
    
    if ($http_origin ~* '^(http|https)?://(localhost(:[0-9]+)?)$') {
      set $globalcors "true";
    }
    
    if ($request_method = 'OPTIONS') { 
      set $globalcors "${globalcors}options";
    }

    if ($globalcors = "trueoptions") {
      add_header 'Access-Control-Allow-Origin' "$http_origin"; 
      add_header 'Access-Control-Allow-Credentials' 'true';      
      add_header 'Access-Control-Allow-Methods' 'GET, POST, HEAD, PUT, DELETE, OPTIONS';
      add_header 'Access-Control-Allow-Headers' 'X-CSRF-Token,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With';        
      add_header 'Access-Control-Max-Age' 1728000;
      add_header 'Content-Type' 'text/plain charset=UTF-8';
      add_header 'Content-Length' 0;
      
      return 204;
    }

    if ($request_method ~* "(GET|POST|HEAD)") {
      add_header "Access-Control-Allow-Origin"  "$http_origin";
      add_header 'Access-Control-Allow-Credentials' 'true';
      add_header 'Access-Control-Allow-Headers' 'X-CSRF-Token,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With';        
      add_header 'X-Frame-Options' 'sameorigin';
    }

---