library/roles/nginx/templates/nginx-cors.conf.j2: Simplyfy the CORS configuration.

2017-08-16 15:16:03 +02:00 · 2017-08-16 15:16:03 +02:00 · 19518b92b0
parent b86f5641c9
commit 19518b92b0
1 changed files with 9 additions and 17 deletions
--- a/nginx/templates/nginx-cors.conf.j2
+++ b/nginx/templates/nginx-cors.conf.j2
@ -1,7 +1,7 @@
 {% if nginx_cors_extended_rules %}
 if ($request_method = 'OPTIONS') {
 {% if nginx_cors_limit_origin %}
-    add_header 'Access-Control-Allow-Origin' "{{ nginx_cors_acl_origin }}";
+    add_header 'Access-Control-Allow-Origin' "{{ nginx_cors_acl_origin | default('$http_origin') }}";
    add_header 'Access-Control-Allow-Credentials' 'true';
 {% else %}
    add_header 'Access-Control-Allow-Origin' '*';
@ -21,7 +21,7 @@ if ($request_method = 'OPTIONS') {
 }
 if ($request_method = 'POST') {
 {% if nginx_cors_limit_origin %}
-    add_header 'Access-Control-Allow-Origin' "{{ nginx_cors_acl_origin }}";
+    add_header 'Access-Control-Allow-Origin' "{{ nginx_cors_acl_origin | default('$http_origin') }}";
    add_header 'Access-Control-Allow-Credentials' 'true';
 {% else %}
    add_header 'Access-Control-Allow-Origin' '*';
@ -32,7 +32,7 @@ if ($request_method = 'POST') {
 }
 if ($request_method = 'GET') {
 {% if nginx_cors_limit_origin %}
-    add_header 'Access-Control-Allow-Origin' "{{ nginx_cors_acl_origin }}";
+    add_header 'Access-Control-Allow-Origin' "{{ nginx_cors_acl_origin | default('$http_origin') }}";
    add_header 'Access-Control-Allow-Credentials' 'true';
 {% else %}
    add_header 'Access-Control-Allow-Origin' '*';
@ -43,26 +43,18 @@ if ($request_method = 'GET') {
 }
 {% else %}
 {% if nginx_cors_limit_origin %}
-set $cors '';
-if ($http_origin ~* '{{ nginx_cors_acl_origin }}') {
-    set $cors 'true';
-}
-if ($cors = 'true') {
-{% endif %}
-{% if nginx_cors_limit_origin %}
-    add_header 'Access-Control-Allow-Origin' "$http_origin";
+add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
+add_header 'Access-Control-Allow-Credentials' 'true';
 {% else %}
-    add_header 'Access-Control-Allow-Origin' "$http_origin";
-    # add_header 'Access-Control-Allow-Origin' "*";
+add_header 'Access-Control-Allow-Origin' '*';
 {% endif %}
-    add_header 'Access-Control-Allow-Credentials' 'true';
-    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
-    add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With';
+add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
+add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With';
 {% if nginx_cors_limit_origin %}
 }
-{% endif %}
 if ($request_method = 'OPTIONS') {
    return 204;
 }
 {% endif %}
+{% endif %}