Docker-compose nginx CORS proxy
# Local development stack: a demo backend and an nginx reverse proxy that adds
# CORS response headers in front of it.
version: '3.7'

services:
  # Demo upstream that the proxy forwards to.
  whoami:
    # NOTE(review): no tag is given, so this resolves to the mutable `latest`;
    # pin a tag or digest for reproducible pulls.
    image: jwilder/whoami
    ports:
      # Loopback only. This also publishes the backend directly, bypassing
      # the proxy.
      - '127.0.0.1:7000:8000'

  # nginx proxy; its config is rendered from a template at container start.
  cors:
    # NOTE(review): floating tag; pin a version or digest for reproducibility.
    image: nginx:alpine
    environment:
      # host:port of the upstream, substituted into the nginx template.
      BACKEND: 'whoami:8000'
    ports:
      # Bound to 127.0.0.1, so other hosts cannot reach the proxy. Pages
      # loaded in a local browser still can.
      - '127.0.0.1:8000:80'
    volumes:
      # Read-only mount; the rendered default.conf is written inside the
      # container.
      - './nginx-cors-proxy.conf:/etc/nginx/conf.d/default.template:ro'
    command:
      - /bin/sh
      - '-c'
      # `$$` is Compose's escape for a literal `$`. envsubst is limited to
      # BACKEND so nginx's own $variables in the template are left untouched.
      # nginx-debug is the debug build shipped in the image (development use).
      - >-
        envsubst '$$BACKEND'
        < /etc/nginx/conf.d/default.template
        > /etc/nginx/conf.d/default.conf &&
        exec nginx-debug -g 'daemon off;'
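# nginx CORS proxy template. envsubst renders this file at container start and
# replaces only the BACKEND placeholder (comments included); every other
# $name below is an nginx runtime variable.

# Origin allowlist. The original config echoed any Origin header back in
# Access-Control-Allow-Origin together with Allow-Credentials: true, which lets
# every site the browser visits make credentialed requests through this proxy
# and read the responses. Only origins matched here are echoed back; for any
# other origin the variable is empty and nginx omits the header.
map $http_origin $cors_allowed_origin {
    default '';
    # Constructed example: loopback development origins only. Replace with the
    # exact origins that need access.
    "~^https?://(localhost|127\.0\.0\.1)(:[0-9]+)?$" $http_origin;
}

# Advertise credential support only together with an allowed origin.
map $cors_allowed_origin $cors_allow_credentials {
    default 'true';
    ''      '';
}

upstream backend {
    server $BACKEND;
}

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    underscores_in_headers on;
    server_name cors;

    location / {
        proxy_pass http://backend;
        # Rewrite upstream redirects so they point back at the proxy.
        proxy_redirect http://$BACKEND http://$http_host;
        proxy_read_timeout 300;
        client_max_body_size 500M;

        # Clear the client-supplied Proxy header before forwarding (httpoxy).
        proxy_set_header Proxy '';
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # Drop the upstream's own values so the browser never sees duplicates.
        proxy_hide_header Access-Control-Allow-Origin;
        proxy_hide_header Access-Control-Allow-Credentials;

        set $CORS_CREDS $cors_allow_credentials;
        set $CORS_ORIGIN $cors_allowed_origin;
        set $CORS_METHODS 'GET, POST, PUT, DELETE, OPTIONS';
        set $CORS_HEADERS 'Authentication-Token, Cache-Control, Cookie, If-Modified-Since, Range, User-Agent, X-Requested-With';
        # FYI: Always allowed headers: Accept, Accept-Language, Content-Language, Content-Type
        set $CORS_EXPOSE_HEADERS 'Content-Disposition, Content-Length, Content-Range, Set-Cookie';
        # FYI: Always exposed headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
        set $CORS_PREFLIGHT_CACHE_AGE 600;
        # Empty value: nginx emits no X-Frame-Options header.
        # NOTE(review): ALLOW-FROM is obsolete in current browsers; use a
        # Content-Security-Policy frame-ancestors directive to permit framing
        # by specific origins.
        set $X_FRAME_OPTIONS '';

        # Preflight: answered by the proxy itself, never forwarded upstream.
        if ($request_method = 'OPTIONS') {
            add_header Access-Control-Allow-Origin $CORS_ORIGIN;
            add_header Access-Control-Allow-Methods $CORS_METHODS;
            add_header Access-Control-Allow-Headers $CORS_HEADERS;
            add_header Access-Control-Allow-Credentials $CORS_CREDS;
            add_header Access-Control-Max-Age $CORS_PREFLIGHT_CACHE_AGE;
            # The response depends on Origin, so caches must key on it.
            add_header Vary Origin;
            # NOTE(review): RFC 7230 says a 204 must not carry Content-Length;
            # consider dropping the next two headers.
            add_header Content-Type 'text/plain; charset=utf-8';
            add_header Content-Length 0;
            return 204;
        }

        # Actual requests: proxied upstream. `always` keeps the CORS headers on
        # 4xx/5xx responses so the page can read the real error.
        if ($request_method != 'OPTIONS') {
            add_header Access-Control-Allow-Origin $CORS_ORIGIN always;
            add_header Access-Control-Allow-Methods $CORS_METHODS always;
            add_header Access-Control-Allow-Headers $CORS_HEADERS always;
            add_header Access-Control-Allow-Credentials $CORS_CREDS always;
            add_header Access-Control-Expose-Headers $CORS_EXPOSE_HEADERS always;
            add_header Vary Origin always;
            add_header X-Frame-Options $X_FRAME_OPTIONS;
        }
    }
}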
Inspiration: