HTTP access control (CORS)

if ($request_method = POST) {
        add_header Access-Control-Allow-Origin *;
        add_header Access-Control-Allow-Methods “POST”;
        add_header Access-Control-Allow-Headers “Authorization”;
        add_header Access-Control-Allow-Credentials “true”;
        add_header Content-Length 0;
        add_header Content-Type text/plain;
        return 200;
    }