# Allow CORS
<IfModule mod_headers.c>
    Header set Access-Control-Allow-Origin "https://rheuma.lilly-virtual.de"
    Header set Access-Control-Allow-Credentials true
    Header set Access-Control-Allow-Methods "GET, POST, OPTIONS"
    Header set Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization"
</IfModule>