nelmio_cors:
  defaults:
    origin_regex: true
    allow_origin: [ '*' ]
    allow_methods: [ 'GET', 'OPTIONS', 'POST', 'PUT', 'PATCH', 'DELETE' ]
    allow_headers: [ '*' ]
    expose_headers: [ 'Authorization' ]
    allow_credentials: true
    max_age: 3600
  paths:
    '^/': ~