modified: main_dc/nginx/nginx-ssl.conf

modified:   main_dc/yalarba/api_es/internal/router/setMiddleware.go
add headers nginx

main_dc/nginx/nginx-ssl.conf

@@ -138,6 +138,14 @@ server {
         proxy_send_timeout 600;
         proxy_read_timeout 600;
 
+        add_header 'Access-Control-Allow-Origin' 'http://localhost:3000' always;
+        add_header 'Access-Control-Allow-Credentials' 'true' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, PATCH' always;
+        add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Content-Type,X-CSRF-Token,X-Requested-With' always;
+
+        if ($request_method = OPTIONS) {
+            return 204;
+        }
         # Handle preflight requests
         if ($request_method = OPTIONS) {
             return 204;

main_dc/yalarba/api_es/internal/router/setMiddleware.go

@@ -30,7 +30,7 @@ func setupMiddlewares(r *chi.Mux) {
 	r.Use(cors.Handler(cors.Options{
 		AllowedOrigins:   []string{"https://easysite102.ru", "http://localhost:3000"},
 		AllowedMethods:   []string{"GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH"},
-		AllowedHeaders:   []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token"},
+		AllowedHeaders:   []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token", "X-Requested-With"},
 		ExposedHeaders:   []string{"Link"},
 		AllowCredentials: true,
 		MaxAge:           300, // 5 минут