Created
September 15, 2019 20:12
-
-
Save iki/1247cd182acd1aa3ee4876acb7263def to your computer and use it in GitHub Desktop.
Docker-compose nginx CORS proxy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '3.7' | |
| services: | |
| whoami: | |
| image: jwilder/whoami | |
| ports: | |
| - 127.0.0.1:7000:8000 | |
| cors: | |
| image: nginx:alpine | |
| environment: | |
| BACKEND: whoami:8000 | |
| ports: | |
| - 127.0.0.1:8000:80 | |
| volumes: | |
| - ./nginx-cors-proxy.conf:/etc/nginx/conf.d/default.template:ro | |
| command: | |
| - /bin/sh | |
| - -c | |
| - envsubst '$$BACKEND' < /etc/nginx/conf.d/default.template > /etc/nginx/conf.d/default.conf && | |
| exec nginx-debug -g 'daemon off;' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| upstream backend { | |
| server $BACKEND; | |
| } | |
| server { | |
| listen 80 default_server; | |
| listen [::]:80 default_server; | |
| underscores_in_headers on; | |
| server_name cors; | |
| location / { | |
| proxy_pass http://backend; | |
| proxy_redirect http://$BACKEND http://$http_host; | |
| proxy_read_timeout 300; | |
| client_max_body_size 500M; | |
| proxy_set_header Proxy ''; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Proto $scheme; | |
| proxy_hide_header Access-Control-Allow-Origin; | |
| proxy_hide_header Access-Control-Allow-Credentials; | |
| set $CORS_CREDS true; | |
| set $CORS_ORIGIN $http_origin; | |
| set $CORS_METHODS 'GET, POST, PUT, DELETE, OPTIONS'; | |
| set $CORS_HEADERS 'Authentication-Token, Cache-Control, Cookie, If-Modified-Since, Range, User-Agent, X-Requested-With'; | |
| # FYI: Always allowed headers: Accept, Accept-Language, Content-Language, Content-Type | |
| set $CORS_EXPOSE_HEADERS 'Content-Disposition, Content-Length, Content-Range, Set-Cookie'; | |
| # FYI: Always exposed headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma | |
| set $CORS_PREFLIGHT_CACHE_AGE 600; | |
| set $X_FRAME_OPTIONS ''; | |
| # set $X_FRAME_OPTIONS "ALLOW FROM $http_origin"; | |
| if ($request_method = 'OPTIONS') { | |
| add_header Access-Control-Allow-Origin $CORS_ORIGIN; | |
| add_header Access-Control-Allow-Methods $CORS_METHODS; | |
| add_header Access-Control-Allow-Headers $CORS_HEADERS; | |
| add_header Access-Control-Allow-Credentials $CORS_CREDS; | |
| add_header Access-Control-Max-Age $CORS_PREFLIGHT_CACHE_AGE; | |
| add_header Content-Type 'text/plain; charset=utf-8'; | |
| add_header Content-Length 0; | |
| return 204; | |
| } | |
| if ($request_method != 'OPTIONS') { | |
| add_header Access-Control-Allow-Origin $CORS_ORIGIN; | |
| add_header Access-Control-Allow-Methods $CORS_METHODS; | |
| add_header Access-Control-Allow-Headers $CORS_HEADERS; | |
| add_header Access-Control-Allow-Credentials $CORS_CREDS; | |
| add_header Access-Control-Expose-Headers $CORS_EXPOSE_HEADERS; | |
| add_header X-Frame-Options $X_FRAME_OPTIONS; | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Inspiration: