Page MenuHomeDevCentral

D1303.diff
No OneTemporary

D1303.diff

diff --git a/roles/webserver-legacy/nginx/files/includes/cors-open b/roles/webserver-legacy/nginx/files/includes/cors-open
new file mode 100644
--- /dev/null
+++ b/roles/webserver-legacy/nginx/files/includes/cors-open
@@ -0,0 +1,54 @@
+# -------------------------------------------------------------
+# Configuration for Nasqueron web sites
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Description: nginx CORS configuration
+# Reference: Michiel Kalkman, "Wide open nginx CORS configuration",
+# https://michielkalkman.com/snippets/nginx-cors-open-configuration/
+# License: Trivial work, not eligible for copyright.
+# Source file: roles/webserver-legacy/nginx/files/includes/cors-open
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+# -------------------------------------------------------------
+# OPTIONS
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+if ($request_method = 'OPTIONS') {
+ add_header 'Access-Control-Allow-Origin' '*';
+ add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
+ add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
+ add_header 'Access-Control-Max-Age' 1728000;
+ add_header 'Content-Type' 'text/plain; charset=utf-8';
+ add_header 'Content-Length' 0;
+
+ return 204;
+ }
+
+ # -------------------------------------------------------------
+ # GET
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+if ($request_method = 'GET') {
+ add_header 'Access-Control-Allow-Origin' '*';
+ add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
+ add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
+ add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
+}
+
+# -------------------------------------------------------------
+# POST
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+if ($request_method = 'POST') {
+ add_header 'Access-Control-Allow-Origin' '*';
+ add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
+ add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
+ add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
+}
diff --git a/roles/webserver-legacy/nginx/files/vhosts/nasqueron.org/api.conf b/roles/webserver-legacy/nginx/files/vhosts/nasqueron.org/api.conf
--- a/roles/webserver-legacy/nginx/files/vhosts/nasqueron.org/api.conf
+++ b/roles/webserver-legacy/nginx/files/vhosts/nasqueron.org/api.conf
@@ -35,6 +35,10 @@
root /var/wwwroot/nasqueron.org/api;
include includes/letsencrypt;
+
+ location ~ [^/]\.json(/|$) {
+ include includes/cors-open;
+ }
}
server {
@@ -58,4 +62,8 @@
access_log /var/log/www/nasqueron.org/api51-access.log;
root /var/51-wwwroot/api;
+
+ location ~ [^/]\.json(/|$) {
+ include includes/cors-open;
+ }
}

File Metadata

Mime Type
text/plain
Expires
Sun, Nov 24, 14:07 (7 h, 17 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2260315
Default Alt Text
D1303.diff (3 KB)

Event Timeline