From 4429dd69857d59fe0ef2c6ca5a6974ac76062e50 Mon Sep 17 00:00:00 2001
From: Bernhard Reiter <bernhard@intevation.de>
Date: Thu, 13 Mar 2025 18:23:28 +0100
Subject: [PATCH] feat: add access-control-allow-origin header

 .. for better access from web applications.

improve #479
---
 docs/scripts/DNSConfigForItest.sh     |  2 ++
 docs/scripts/setupProviderForITest.sh | 11 +++++++----
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/docs/scripts/DNSConfigForItest.sh b/docs/scripts/DNSConfigForItest.sh
index f7b85f0..9196af3 100755
--- a/docs/scripts/DNSConfigForItest.sh
+++ b/docs/scripts/DNSConfigForItest.sh
@@ -28,6 +28,8 @@ echo "
 
         location = / {
                 try_files /.well-known/csaf/provider-metadata.json =404;
+                # allow others web applications to get the static information
+                add_header Access-Control-Allow-Origin "*";
         }
 
         access_log /var/log/nginx/dns-domain_access.log;
diff --git a/docs/scripts/setupProviderForITest.sh b/docs/scripts/setupProviderForITest.sh
index f9d7d18..2b6e6d1 100755
--- a/docs/scripts/setupProviderForITest.sh
+++ b/docs/scripts/setupProviderForITest.sh
@@ -56,11 +56,14 @@ location /cgi-bin/ {
 sudo sed -i "/^server {/a\        include fcgiwrap.conf;" $NGINX_CONFIG_PATH
 
 echo "
-        # For atomic directory switches
-        disable_symlinks off;
+		# For atomic directory switches
+		disable_symlinks off;
 
-        # directory listings
-        autoindex on;
+		# directory listings
+		autoindex on;
+
+		# allow others web applications to get the static information
+		add_header Access-Control-Allow-Origin "*";
 " > locationConfig.txt
 sudo sed -i "/^\s*location \/ {/r locationConfig.txt" $NGINX_CONFIG_PATH # Insert config inside location{}
 ./DNSConfigForItest.sh