debfranca
/
ansible-roles
forked from ISTI-ansible-roles/ansible-roles
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Revert the nginx_cors_limit_origin defaults. Now it's True.

This commit is contained in:
Andrea Dell'Amico 2017-08-16 18:15:27 +02:00
parent 19518b92b0
commit 6c0ebbe18e
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nginx/defaults/main.yml
View File

@ -58,7 +58,7 @@ nginx_proxy_temp_file_write_size: '{{ nginx_proxy_buffer_size }}'
nginx_client_max_body_size: 100M nginx_client_max_body_size: 100M
nginx_client_body_timeout: 240s nginx_client_body_timeout: 240s
nginx_cors_limit_origin: False nginx_cors_limit_origin: True
nginx_cors_extended_rules: False nginx_cors_extended_rules: False
nginx_cors_acl_origin: 'http?://(localhost)' nginx_cors_acl_origin: 'http?://(localhost)'

6
nginx/templates/nginx-cors.conf.j2
View File

@ -1,7 +1,7 @@
{% if nginx_cors_extended_rules %} {% if nginx_cors_extended_rules %}
if ($request_method = 'OPTIONS') { if ($request_method = 'OPTIONS') {
{% if nginx_cors_limit_origin %} {% if nginx_cors_limit_origin %}
add_header 'Access-Control-Allow-Origin' "{{ nginx_cors_acl_origin | default('$http_origin') }}"; add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Credentials' 'true';
{% else %} {% else %}
add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Origin' '*';
@ -21,7 +21,7 @@ if ($request_method = 'OPTIONS') {
} }
if ($request_method = 'POST') { if ($request_method = 'POST') {
{% if nginx_cors_limit_origin %} {% if nginx_cors_limit_origin %}
add_header 'Access-Control-Allow-Origin' "{{ nginx_cors_acl_origin | default('$http_origin') }}"; add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Credentials' 'true';
{% else %} {% else %}
add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Origin' '*';
@ -32,7 +32,7 @@ if ($request_method = 'POST') {
} }
if ($request_method = 'GET') { if ($request_method = 'GET') {
{% if nginx_cors_limit_origin %} {% if nginx_cors_limit_origin %}
add_header 'Access-Control-Allow-Origin' "{{ nginx_cors_acl_origin | default('$http_origin') }}"; add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Credentials' 'true';
{% else %} {% else %}
add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Origin' '*';