SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

<IfModule mod_headers.c>
  Header always set Access-Control-Allow-Origin "*"
  Header always set Access-Control-Allow-Headers "Content-Type, Authorization, X-Api-Token"
  Header always set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
</IfModule>
