Issues with STAC CORS options

[fmigneault]

birdhouse-deploy/birdhouse/components/stac/default.env

Lines 56 to 57 in ee70e56

	export STAC_CORS_ORIGINS="~.*"
	export STAC_ADDITIONAL_CORS_ORIGINS='$(for origin in $STAC_CORS_ORIGINS; do echo "$origin \$http_origin;"; done;)'

Since the addition of the above (and other corresponding code/files to use them in Nginx), the proxy service emits a lot of warnings:

proxy  | 2025/11/25 00:44:03 [warn] 20#20: *1509 using uninitialized "access_control_allow_origin" variable, client: 132.217.140.249, server: localhost, request: "GET /cowbird/ HTTP/1.1", host: "hirondelle.crim.ca"
proxy  | 2025/11/25 00:44:03 [warn] 22#22: *1519 using uninitialized "access_control_allow_origin" variable, client: 132.217.140.208, server: localhost, request: "GET /cowbird/ HTTP/1.1", host: "hirondelle.crim.ca"
proxy  | 2025/11/25 00:44:05 [warn] 22#22: *1548 using uninitialized "access_control_allow_origin" variable, client: 132.217.140.249, server: localhost, request: "GET /magpie/version HTTP/1.1", host: "hirondelle.crim.ca"
proxy  | 2025/11/25 00:44:05 [warn] 22#22: *1546 using uninitialized "access_control_allow_origin" variable, client: 132.217.140.208, server: localhost, request: "GET /magpie/version HTTP/1.1", host: "hirondelle.crim.ca"

These are triggered often as they are part of the service's healthchecks and a lot of permission checks.

I have tried setting set $access_control_allow_origin '*'; explicitly (instead of conditionally as below), and that avoids the warnings.

birdhouse-deploy/birdhouse/components/proxy/conf.d/cors.include

Lines 2 to 6 in e2040fd

	if ( $access_control_allow_origin ~ "^$" ) {
	set $access_control_allow_origin '*';
	}

Should another variable be defined, such as BIRDHOUSE_CORS_ORIGINS=* by default, which would be set there explicitly and have to be overridden for servers trying to limit the origins?