See also Reverse Proxy
{ debug}
(cors) { @origin header Origin "*" header @origin Access-Control-Allow-Origin "*" header @origin Access-Control-Allow-Methods "OPTIONS,HEAD,GET,POST,PUT,PATCH,DELETE" header @origin Access-Control-Allow-Headers "Content-Type,Authorization,Accept"}
localhost:65000 { import cors
reverse_proxy /v1/* https://your-api.example.com { header_up Host {upstream_hostport} }
header /v1/* { -Strict-Transport-Security }}This config works as a reverse proxy with TLS/HTTPS and CORS support. Note that OAuth redirects can be tricky if the redirect URI doesn’t match what’s approved.