Skip to content

Instantly share code, notes, and snippets.

@alispat
Forked from antonbabenko/cors.inc
Last active August 29, 2015 14:24
Show Gist options
  • Save alispat/c770c135d469a93943c7 to your computer and use it in GitHub Desktop.
Save alispat/c770c135d469a93943c7 to your computer and use it in GitHub Desktop.
more_set_headers "Access-Control-Allow-Origin: $http_origin";
more_set_headers "Access-Control-Allow-Credentials: true";
# OPTIONS indicates a CORS pre-flight request
if ($request_method = 'OPTIONS') {
more_set_headers "Access-Control-Max-Age: 1728000";
more_set_headers "Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS";
more_set_headers "Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since";
more_set_headers "Content-Length: 0";
more_set_headers "Content-Type: text/plain charset=UTF-8";
return 204;
}
sub vcl_deliver {
set resp.http.Access-Control-Allow-Origin = "*";
set resp.http.Access-Control-Allow-Credentials = "true";
if (req.method == "OPTIONS") {
set resp.http.Access-Control-Max-Age = "1728000";
set resp.http.Access-Control-Allow-Methods = "GET, POST, PUT, DELETE, PATCH, OPTIONS";
set resp.http.Access-Control-Allow-Headers = "Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since";
set resp.http.Content-Length = "0";
set resp.http.Content-Type = "text/plain charset=UTF-8";
set resp.status = 204;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment