WrenchBoard/WrenchBoradWeb
1
0
Fork 0
Code Issues Pull Requests Releases Activity

CORS fix

Browse Source
This commit is contained in:
tokslaw7
2023-04-25 00:04:30 +00:00
parent 7529f16f7d
commit 3234201ff1
1 changed files with 47 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
www-api/nginx/nginx.conf
+47 -1
View File
@@ -35,7 +35,6 @@ http {
log_not_found off;
}
add_header Access-Control-Allow-Origin *;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
@@ -44,6 +43,53 @@ http {
fastcgi_pass host.docker.internal:9999;
fastcgi_param SCRIPT_FILENAME /opt/mainsite/wrenchboard/www-api/public$fastcgi_script_name;
include fastcgi_params;
# cors configuration
# whitelist of allowed domains, via a regular expression
# if ($http_origin ~* (http://localhost(:[0-9]+)?)) {
##if ($http_origin ~* .*) { # yeah, for local development. tailor your regex as needed
set $cors "true";
##}
# apparently, the following three if statements create a flag for "compound conditions"
if ($request_method = OPTIONS) {
set $cors "${cors}options";
}
if ($request_method = GET) {
set $cors "${cors}get";
}
if ($request_method = POST) {
set $cors "${cors}post";
}
# now process the flag
if ($cors = 'trueget') {
#add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Origin' "*";
add_header 'Access-Control-Allow-Credentials' 'true';
}
if ($cors = 'truepost') {
#add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Origin' "*";
add_header 'Access-Control-Allow-Credentials' 'true';
}
if ($cors = 'trueoptions') {
#add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Origin' "*";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Max-Age' 1728000; # cache preflight value for 20 days
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';
add_header 'Content-Length' 0;
add_header 'Content-Type' 'text/plain charset=UTF-8';
return 204;
}
}
error_page 404 /index.php;