diff --git a/nginx/conf.d/default.conf.template b/nginx/conf.d/default.conf.template
index 969b78c..0fadfca 100644
--- a/nginx/conf.d/default.conf.template
+++ b/nginx/conf.d/default.conf.template
@@ -10,10 +10,11 @@ server {
     index index.html;
 
     # --------- Preflight direkt per IF ---------
-    if ($request_method = OPTIONS) {
+    if ($request_method = 'OPTIONS') {
         add_header Access-Control-Allow-Origin "*";
         add_header Access-Control-Allow-Methods "GET, HEAD, OPTIONS";
-        add_header Access-Control-Allow-Headers "Content-Type, X-API-Key";
+        add_header Access-Control-Allow-Headers "Content-Type,X-API-Key,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type";
+        add_header Access-Control-Max-Age 1728000;
         add_header Content-Length 0;
         return 204;
     }
@@ -31,7 +32,7 @@ server {
         # --- CORS & Cache ---
         add_header Access-Control-Allow-Origin "*";
         add_header Access-Control-Allow-Methods "GET, HEAD, OPTIONS";
-        add_header Access-Control-Allow-Headers "Content-Type, X-API-Key";
+        add_header Access-Control-Allow-Headers "Content-Type, X-API-Key,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type";
         add_header Cache-Control "public, max-age=2592000" always;
 
         # fehlende MIME-Types