diff --git a/conf/nginx.conf b/conf/nginx.conf
index 28a396a..3505ee9 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -4,11 +4,41 @@ location = __PATH__/ {
 }
 
 location __PATH__/ {
-    # https://github.com/benoitc/gunicorn/blob/master/examples/nginx.conf
+    # Wide-open CORS config for nginx
+    # From : https://enable-cors.org/server_nginx.html
+    if ($request_method = 'OPTIONS') {
+        add_header 'Access-Control-Allow-Origin' '*';
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
+        #
+        # Custom headers and headers various browsers *should* be OK with but aren't
+        #
+        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
+        #
+        # Tell client that this pre-flight info is valid for 20 days
+        #
+        add_header 'Access-Control-Max-Age' 1728000;
+        add_header 'Content-Type' 'text/plain; charset=utf-8';
+        add_header 'Content-Length' 0;
+        return 204;
+    }
+    if ($request_method = 'POST') {
+        add_header 'Access-Control-Allow-Origin' '*' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
+        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
+    }
+    if ($request_method = 'GET') {
+        add_header 'Access-Control-Allow-Origin' '*' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
+        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
+    }
 
     # this is needed if you have file import via upload enabled
     client_max_body_size 100M;
 
+    # Configuration to pass request to Gunicorn
+    # https://github.com/benoitc/gunicorn/blob/master/examples/nginx.conf
     proxy_http_version 1.1;
     proxy_set_header Host $host;
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -16,6 +46,9 @@ location __PATH__/ {
     proxy_set_header X-Real-IP $remote_addr;
     proxy_set_header X-Scheme $scheme;
 
+    # do not pass the CORS header from the response of the proxied server to the client
+    proxy_hide_header 'Access-Control-Allow-Origin';
+
     proxy_read_timeout 30;
     proxy_send_timeout 30;
     proxy_connect_timeout 30;