diff --git a/nginx/default.conf b/nginx/default.conf
index 4e3a4109..d8493a16 100644
--- a/nginx/default.conf
+++ b/nginx/default.conf
@@ -35,6 +35,38 @@ server {
         proxy_ssl_verify off;
     }
 
+    location ~ ^/[^/]+/(tmp|ilx)_.*\.(html|ttl|jsonld|n3|owl|csv)$ {
+        proxy_pass https://uri.olympiangods.org$request_uri;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        # CORS headers
+        add_header Access-Control-Allow-Origin $http_origin always;
+        add_header Access-Control-Allow-Credentials true always;
+    }
+
+    location ~ ^/[^/]+/ontologies/uris/.*/spec$ {
+        proxy_pass https://uri.olympiangods.org$request_uri;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        # Forward Authorization header if present
+        proxy_set_header Authorization $http_authorization;
+
+        # CORS headers
+        add_header Access-Control-Allow-Origin $http_origin always;
+        add_header Access-Control-Allow-Credentials true always;
+        add_header Access-Control-Expose-Headers X-Redirect-Location always;
+
+        # Handle 303 redirects: move Location to X-Redirect-Location
+        proxy_intercept_errors on;
+        error_page 303 = @handle_303;
+    }
+
     location /static/ {
         autoindex on;
         alias /usr/share/nginx/html/static/;