Skip to content

Instantly share code, notes, and snippets.

Created January 22, 2019 17:35
  • Star 6 You must be signed in to star a gist
  • Fork 3 You must be signed in to fork a gist
Star You must be signed in to star a gist
What would you like to do?
How to enable CORS in nginx with origin matching
server {
listen 80 default_server;
root /var/www;
location / {
set $cors '';
set $cors_allowed_methods 'OPTIONS, HEAD, GET';
if ($http_origin ~ '^https?://(www\.)?$') {
set $cors 'origin_matched';
# Preflight requests
if ($request_method = OPTIONS) {
set $cors '${cors} & preflight';
if ($cors = 'origin_matched') {
add_header Access-Control-Allow-Origin $http_origin;
add_header Access-Control-Allow-Methods $cors_allowed_methods;
if ($cors = 'origin_matched & preflight') {
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Methods $cors_allowed_methods;
add_header Content-Type text/plain;
add_header Content-Length 0;
return 204;
Copy link

I tried your configuration, but I got error, we should I put the header field "x-rundeck-auth-token" to?
has been blocked by CORS policy: Request header field x-rundeck-auth-token is not allowed by Access-Control-Allow-Headers in preflight response.

Copy link

add_header "Access-Control-Allow-Headers" "x-rundeck-auth-token";

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment