######################
## Handling Options for the CORS
     RewriteCond %{REQUEST_METHOD} OPTIONS
     RewriteRule ^(.*)$ $1 [L,R=204]

##Generate wildcard to allow only .solertia.sol
SetEnvIf Origin ^(https?://.+\.solertia\.sol(?::\d{1,5})?)$   CORS_ALLOW_ORIGIN=$1


###################
## Add custom headers

    Header set X-Content-Type-Options "nosniff"
    Header set X-XSS-Protection "1; mode=block"
       # Always set these headers for CORS.
    Header always set Access-Control-Max-Age 1728000
#    Header always set Access-Control-Allow-Origin: "*"
Header always set Access-Control-Allow-Origin: %{CORS_ALLOW_ORIGIN}e   env=CORS_ALLOW_ORIGIN
    Header always set Access-Control-Allow-Methods: "GET,POST,OPTIONS,DELETE,PUT"
    Header always set Access-Control-Allow-Headers: "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
    Header always set Access-Control-Allow-Credentials true