ISTI-ansible-roles
/
ansible-role-nginx
4
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Introduce nginx_access_control_allow_origin_src.

This commit is contained in:
Andrea Dell'Amico 2024-06-11 14:49:32 +02:00
parent e97690243d
commit f2d22e9d53
Signed by: adellam
GPG Key ID: 147ABE6CEB9E20FF
2 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
defaults/main.yml
View File

@ -93,6 +93,7 @@ nginx_cors_global: true
nginx_cors_limit_origin: true
nginx_cors_extended_rules: false
nginx_cors_acl_origin: 'http?://(localhost)'
nginx_access_control_allow_origin_src: "*"
# Possible methods:
# CONNECT, DEBUG, DELETE, DONE, GET, HEAD, HTTP, HTTP/0.9, HTTP/1.0, HTTP/1.1, HTTP/2, OPTIONS, ORIGIN, ORIGINS, PATCH, POST, PUT, QUIC, REST, SESSION, SHOULD, SPDY, TRACE, TRACK
nginx_cors_allowed_methods: 'GET, POST, OPTIONS'

8
templates/nginx-cors.conf.j2
View File

@ -3,7 +3,7 @@ if ($request_method = 'OPTIONS') {
{% if nginx_cors_limit_origin %}
add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
{% else %}
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Origin' '{{ nginx_access_control_allow_origin_src | default("*") }}';
{% endif %}
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' '{{ nginx_cors_allowed_methods }}';
@ -23,7 +23,7 @@ if ($request_method = 'POST') {
{% if nginx_cors_limit_origin %}
add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
{% else %}
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Origin' '{{ nginx_access_control_allow_origin_src | default("*") }}';
{% endif %}
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' '{{ nginx_cors_allowed_methods }}';
@ -34,7 +34,7 @@ if ($request_method = 'GET') {
{% if nginx_cors_limit_origin %}
add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
{% else %}
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Origin' '{{ nginx_access_control_allow_origin_src | default("*") }}';
{% endif %}
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' '{{ nginx_cors_allowed_methods }}';
@ -45,7 +45,7 @@ if ($request_method = 'GET') {
{% if nginx_cors_limit_origin %}
add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
{% else %}
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Origin' '{{ nginx_access_control_allow_origin_src | default("*") }}';
{% endif %}
if ($request_method = OPTIONS ) {
return 204;