From 19518b92b09d289ff65095ccdab0f35d984e2144 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <adellam@isti.cnr.it>
Date: Wed, 16 Aug 2017 15:16:03 +0200
Subject: [PATCH] library/roles/nginx/templates/nginx-cors.conf.j2: Simplyfy
 the CORS configuration.

---
 nginx/templates/nginx-cors.conf.j2 | 26 +++++++++-----------------
 1 file changed, 9 insertions(+), 17 deletions(-)

diff --git a/nginx/templates/nginx-cors.conf.j2 b/nginx/templates/nginx-cors.conf.j2
index 9ad887f7..75b93a65 100644
--- a/nginx/templates/nginx-cors.conf.j2
+++ b/nginx/templates/nginx-cors.conf.j2
@@ -1,7 +1,7 @@
 {% if nginx_cors_extended_rules %}
 if ($request_method = 'OPTIONS') {
 {% if nginx_cors_limit_origin %}
-    add_header 'Access-Control-Allow-Origin' "{{ nginx_cors_acl_origin }}";
+    add_header 'Access-Control-Allow-Origin' "{{ nginx_cors_acl_origin | default('$http_origin') }}";
     add_header 'Access-Control-Allow-Credentials' 'true';
 {% else %}
     add_header 'Access-Control-Allow-Origin' '*';
@@ -21,7 +21,7 @@ if ($request_method = 'OPTIONS') {
 }
 if ($request_method = 'POST') {
 {% if nginx_cors_limit_origin %}
-    add_header 'Access-Control-Allow-Origin' "{{ nginx_cors_acl_origin }}";
+    add_header 'Access-Control-Allow-Origin' "{{ nginx_cors_acl_origin | default('$http_origin') }}";
     add_header 'Access-Control-Allow-Credentials' 'true';
 {% else %}
     add_header 'Access-Control-Allow-Origin' '*';
@@ -32,7 +32,7 @@ if ($request_method = 'POST') {
 }
 if ($request_method = 'GET') {
 {% if nginx_cors_limit_origin %}
-    add_header 'Access-Control-Allow-Origin' "{{ nginx_cors_acl_origin }}";
+    add_header 'Access-Control-Allow-Origin' "{{ nginx_cors_acl_origin | default('$http_origin') }}";
     add_header 'Access-Control-Allow-Credentials' 'true';
 {% else %}
     add_header 'Access-Control-Allow-Origin' '*';
@@ -43,26 +43,18 @@ if ($request_method = 'GET') {
 }
 {% else %}
 {% if nginx_cors_limit_origin %}
-set $cors '';
-if ($http_origin ~* '{{ nginx_cors_acl_origin }}') {
-    set $cors 'true';
-}
-if ($cors = 'true') {
-{% endif %}
-{% if nginx_cors_limit_origin %}
-    add_header 'Access-Control-Allow-Origin' "$http_origin";
+add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
+add_header 'Access-Control-Allow-Credentials' 'true';
 {% else %}
-    add_header 'Access-Control-Allow-Origin' "$http_origin";
-    # add_header 'Access-Control-Allow-Origin' "*";
+add_header 'Access-Control-Allow-Origin' '*';
 {% endif %}
-    add_header 'Access-Control-Allow-Credentials' 'true';
-    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
-    add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With';
+add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
+add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With';
 {% if nginx_cors_limit_origin %}
 }
-{% endif %}
 if ($request_method = 'OPTIONS') {
     return 204;
 }
 {% endif %}
+{% endif %}