Maybe check the Traefik headers middleware doc again, this works for us:
- traefik.http.middlewares.cors.headers.customresponseheaders.Access-Control-Allow-Origin=*
- traefik.http.middlewares.cors.headers.customresponseheaders.Access-Control-Allow-Methods=GET,POST,OPTIONS
- traefik.http.middlewares.cors.headers.customresponseheaders.Access-Control-Allow-Headers=*