From 979c9060dfb4750308c597f70827a2ee84a91277 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <andrea.dellamico@isti.cnr.it>
Date: Tue, 25 Feb 2025 15:50:25 +0100
Subject: [PATCH] Remove some not allowed proxy_hide_header.

---
 templates/nginx-cors.conf.j2 | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/templates/nginx-cors.conf.j2 b/templates/nginx-cors.conf.j2
index 4ae8318..64d7e4b 100644
--- a/templates/nginx-cors.conf.j2
+++ b/templates/nginx-cors.conf.j2
@@ -1,10 +1,10 @@
 {% if nginx_cors_extended_rules %}
 if ($request_method = 'OPTIONS') {
 {% if nginx_cors_limit_origin %}
-    proxy_hide_header Access-Control-Allow-Origin;
+#     proxy_hide_header Access-Control-Allow-Origin;
     add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
 {% else %}
-    proxy_hide_header Access-Control-Allow-Origin;
+#     proxy_hide_header Access-Control-Allow-Origin;
     add_header 'Access-Control-Allow-Origin' '{{ nginx_access_control_allow_origin_src | default("*") }}';
 {% endif %}
     add_header 'Access-Control-Allow-Credentials' 'true';
@@ -23,10 +23,10 @@ if ($request_method = 'OPTIONS') {
 }
 if ($request_method = 'POST') {
 {% if nginx_cors_limit_origin %}
-    proxy_hide_header Access-Control-Allow-Origin;
+#     proxy_hide_header Access-Control-Allow-Origin;
     add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
 {% else %}
-    proxy_hide_header Access-Control-Allow-Origin;
+#     proxy_hide_header Access-Control-Allow-Origin;
     add_header 'Access-Control-Allow-Origin' '{{ nginx_access_control_allow_origin_src | default("*") }}';
 {% endif %}
     add_header 'Access-Control-Allow-Credentials' 'true';
@@ -36,10 +36,10 @@ if ($request_method = 'POST') {
 }
 if ($request_method = 'GET') {
 {% if nginx_cors_limit_origin %}
-    proxy_hide_header Access-Control-Allow-Origin;
+#     proxy_hide_header Access-Control-Allow-Origin;
     add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
 {% else %}
-    proxy_hide_header Access-Control-Allow-Origin;
+#     proxy_hide_header Access-Control-Allow-Origin;
     add_header 'Access-Control-Allow-Origin' '{{ nginx_access_control_allow_origin_src | default("*") }}';
 {% endif %}
     add_header 'Access-Control-Allow-Credentials' 'true';