Just added it now simply via nginx. Tested it myself with https://app.mutinywallet.com/. Should work for you too now.
Adding it simply via add_header Access-Control-Allow-Origin * instead of inside the code feels like a hack but maybe that's actually not a hack but (should be) best practice? lol
add_header Access-Control-Allow-Origin *
instead of inside the code feels like a hack but maybe that's actually not a hack but (should be) best practice? lol