ISTI-ansible-roles
/
ansible-role-nginx
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Disable Access-Control-Allow-Credentials when nginx_cors_limit_origin.

This commit is contained in:
Andrea Dell'Amico 2024-12-16 15:42:02 +01:00
parent a0ce375254
commit c47961f9dc
Signed by: adellam
GPG Key ID: 147ABE6CEB9E20FF
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
templates/nginx-cors.conf.j2
View File

@ -58,7 +58,9 @@ add_header 'Access-Control-Allow-Origin' '{{ nginx_access_control_allow_origin_s
if ($request_method = OPTIONS ) { if ($request_method = OPTIONS ) {
return 204; return 204;
} }
{% if nginx_cors_limit_origin %}
add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Credentials' 'true';
{% endif %}
add_header 'Access-Control-Allow-Methods' '{{ nginx_cors_allowed_methods }}'; add_header 'Access-Control-Allow-Methods' '{{ nginx_cors_allowed_methods }}';
add_header 'Access-Control-Allow-Headers' '{{ nginx_cors_allowed_headers }}'; add_header 'Access-Control-Allow-Headers' '{{ nginx_cors_allowed_headers }}';
add_header 'Access-Control-Expose-Headers' '{{ nginx_cors_allowed_headers }}'; add_header 'Access-Control-Expose-Headers' '{{ nginx_cors_allowed_headers }}';