ISTI-ansible-roles
/
ansible-role-nginx
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Hide Access-Control-Allow-Origin before adding it again.

This commit is contained in:
Andrea Dell'Amico 2024-10-14 19:29:35 +02:00
parent f2d22e9d53
commit 37b9a73821
Signed by: adellam
GPG Key ID: 147ABE6CEB9E20FF
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
templates/nginx-cors.conf.j2
View File

@ -1,8 +1,10 @@
{% if nginx_cors_extended_rules %}
if ($request_method = 'OPTIONS') {
{% if nginx_cors_limit_origin %}
proxy_hide_header Access-Control-Allow-Origin;
add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
{% else %}
proxy_hide_header Access-Control-Allow-Origin;
add_header 'Access-Control-Allow-Origin' '{{ nginx_access_control_allow_origin_src | default("*") }}';
{% endif %}
add_header 'Access-Control-Allow-Credentials' 'true';
@ -21,8 +23,10 @@ if ($request_method = 'OPTIONS') {
}
if ($request_method = 'POST') {
{% if nginx_cors_limit_origin %}
proxy_hide_header Access-Control-Allow-Origin;
add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
{% else %}
proxy_hide_header Access-Control-Allow-Origin;
add_header 'Access-Control-Allow-Origin' '{{ nginx_access_control_allow_origin_src | default("*") }}';
{% endif %}
add_header 'Access-Control-Allow-Credentials' 'true';
@ -32,8 +36,10 @@ if ($request_method = 'POST') {
}
if ($request_method = 'GET') {
{% if nginx_cors_limit_origin %}
proxy_hide_header Access-Control-Allow-Origin;
add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
{% else %}
proxy_hide_header Access-Control-Allow-Origin;
add_header 'Access-Control-Allow-Origin' '{{ nginx_access_control_allow_origin_src | default("*") }}';
{% endif %}
add_header 'Access-Control-Allow-Credentials' 'true';
@ -43,8 +49,10 @@ if ($request_method = 'GET') {
}
{% else %}
{% if nginx_cors_limit_origin %}
proxy_hide_header Access-Control-Allow-Origin;
add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
{% else %}
proxy_hide_header Access-Control-Allow-Origin;
add_header 'Access-Control-Allow-Origin' '{{ nginx_access_control_allow_origin_src | default("*") }}';
{% endif %}
if ($request_method = OPTIONS ) {