Redmine

Hello Guys.

I am currently using the following versions of lighttpd on vmware Ubuntu16.04 and aws Ubuntu18.04.
lighttpd / 1.4.45 (ssl)-a light and fast webserver
Build-Date: Jun 24 2019 22:58:56

Before making a request to another domain, I made an ajax request (header added) to another port on my Ubuntu, but the following problem still occurs.
[ browser message : Access to XMLHttpRequest at 'http://mydomain:3000/' from origin 'http://mydomain' has been blocked by CORS policy: Request header field ukey(or X-M2M-RI or X-M2M_Origin is not allowed by Access-Control-Allow-Headers in preflight response.]

[ ajax code ]
$.ajax({
type : "GET",
url : "http://192.168.0.97:3000",
dataType : "application/xml",
//dataType : "jsonp",
//dataType : "text",
headers : { 'Accept' : 'application/xml',
'X-M2M-RI' : '12345',
'X-M2M-Origin' : 'Origin',
'uKey' : 'WUsrcUZGeDlJSHlrTkdOQ3pPZUt0dWtBbHc3L0JDdi9Xa3N1ZTJjVXVYR2dGdkduNGhWd3VJc0xwVU9mUXc3ag==' },
error:function(request, status, error){
alert("code:"+request.status+"\n"+"message:"+request.responseText+"\n"+"error:"+error);
},
success : function(data) {
console.log(data);
}
})

I modified it as below through the information I found on Google, but I keep getting the same problem.
[ lighttpd.conf ]
server.modules = (
"mod_access",
"mod_auth",
"mod_alias",
"mod_compress",
"mod_accesslog",
"mod_fastcgi",
"mod_setenv",

1. "mod_rewrite",
2. "mod_redirect",
   "mod_proxy",
   "mod_status",
   )

server.document-root = "/var/www/html"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"
server.port = 80

#setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )

1. CORS Headers
   setenv.add-response-header = (
   "Access-Control-Allow-Origin" => "*",
   "Access-Control-Allow-Credentials" => "true",
   "Access-Control-Allow-Headers" => "accept, origin, x-requested-with, content-type, x-transmission-session-id",
   "Access-Control-Expose-Headers" => "X-Transmission-Session-Id",
   "X-Proxy" => "www-02",
   "Access-Control-Allow-Methods" => "GET, PUT, POST, HEAD, DELETE, OPTIONS"
   )

1. strict parsing and normalization of URL for consistency and security
2. https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_http-parseoptsDetails
3. (might need to explicitly set "url-path-2f-decode" = "disable"
4. if a specific application is encoding URLs inside url-path)
   server.http-parseopts = (
   "header-strict" => "enable",# default
   "host-strict" => "enable",# default
   "host-normalize" => "enable",# default
   "url-normalize-unreserved"=> "enable",# recommended highly
   "url-normalize-required" => "enable",# recommended
   "url-ctrls-reject" => "enable",# recommended
   "url-path-2f-decode" => "enable",# recommended highly (unless breaks app)
   #"url-path-2f-reject" => "enable",
   "url-path-dotseg-remove" => "enable",# recommended highly (unless breaks app)
   #"url-path-dotseg-reject" => "enable",
   #"url-query-20-plus" => "enable",# consistency in query string
   )

index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny = ( "~", ".inc" )

static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )

1. default listening port for IPv6 falls back to the IPv4 port
   1. Use ipv6 if available
      #include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
      include_shell "/usr/share/lighttpd/create-mime.assign.pl"
      include_shell "/usr/share/lighttpd/include-conf-enabled.pl"

How do I solve this problem? I need help