Nginx

How to properly handle CORS - for subdomain requests?

Request flies CORS
Access to image at ' https://my-sites-1/storage/272/85e1751d-389f/apn.jpeg ' from origin ' https://my-sites-2 ' has been blocked by CORS policy : No 'Access-Control-Allow-Origin' header is present on the requested resource.

The thing is that this happens only for the storage/ folder - in which there are pictures [symlink to the -made folder]

The rules config itself and added sections to it:

add_header 'Cache-Control' 'public';
add_header 'X-Frame-Options' 'ALLOW-FROM *';
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,
XRequested-With,If-Modified-Since,Cache-Control,Content-Type';

How to make nginx CORS(add_header) config work?
nginx (v1.14) is a reverse proxy, it sends an api request to my-sites-2.com. I add some CORS configs to the conf file but it doesn't work.

I know that CORS needs to be enabled on the server side so that clients can programmatically access server resources. Otherwise, the client's request will result in blocked by CORS policy: No...

How can I add the 'Access-Control-Allow-Origin' header to all responses?
For the backend I used Laravel framework and for the frontend I used React,js.