RewriteEngine On

# Capture allowed origins
SetEnvIf Origin "^http://192\.168\.0\.112:5173$" ORIGIN_OK=$0
SetEnvIf Origin "^http://localhost:5173$" ORIGIN_OK=$0
SetEnvIf Origin "^https://skizagroundsuite\.com$" ORIGIN_OK=$0
SetEnvIf Origin "^https://www\.skizagroundsuite\.com$" ORIGIN_OK=$0

<IfModule mod_headers.c>
  Header always set Access-Control-Allow-Origin "%{ORIGIN_OK}e" env=ORIGIN_OK
  Header always set Vary "Origin" env=ORIGIN_OK
  Header always set Access-Control-Allow-Methods "GET, POST, PUT, PATCH, DELETE, OPTIONS"
  Header always set Access-Control-Allow-Headers "Content-Type, Authorization, X-Requested-With"
  Header always set Access-Control-Max-Age "86400"
</IfModule>

# Preflight response
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^ - [R=204,L]