Last active — forked from alexjs/cors-nginx.conf

Embed URL

HTTPS clone URL

SSH clone URL

You can clone with HTTPS or SSH.

Download Gist

Here' the minimal Access-Control-Allow-Origin header insertion necessary to allow any whitelisted sites to access resources via CORS headers.

View cors-nginx.conf
1 2 3 4 5 6 7 8 9 10 11 12 13 14
#
# Minimal CORS config for nginx
#
# A modification of https://gist.github.com/alexjs/4165271
#
# NB: This relies on the use of the 'Origin' HTTP Header.
 
location /static {
 
if ($http_origin ~* (whitelist\.address\.one|whitelist\.address\.two)$) {
add_header Access-Control-Allow-Origin "$http_origin";
}
 
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.