Skip to content

Instantly share code, notes, and snippets.

@so-jelly
Last active May 3, 2019 22:23
Show Gist options
  • Save so-jelly/06d3ae8c0b23924445893034670b58f0 to your computer and use it in GitHub Desktop.
Save so-jelly/06d3ae8c0b23924445893034670b58f0 to your computer and use it in GitHub Desktop.
CORS
#can't mix wildcard with allow-credentials
add_header 'Access-Control-Allow-Origin' * always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST' always;
add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With' always;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment