Skip to content

Instantly share code, notes, and snippets.

@tunght13488
Forked from sbuzonas/nginx-cors.conf
Created February 27, 2021 12:34
Show Gist options
  • Save tunght13488/079dd0d69d3900f266026b9db33ae51f to your computer and use it in GitHub Desktop.
Save tunght13488/079dd0d69d3900f266026b9db33ae51f to your computer and use it in GitHub Desktop.
Nginx CORS maps
map $http_origin $allow_origin {
default "";
"~^https?://(?:[^/]*\.)?(stevebuzonas\.(?:com|local))(?::[0-9]+)?$" "$http_origin";
}
map $request_method $cors_method {
default "allowed";
"OPTIONS" "preflight";
}
map $cors_method $cors_max_age {
default "";
"preflight" 1728000;
}
map $cors_method $cors_allow_methods {
default "";
"preflight" "GET, POST, OPTIONS";
}
map $cors_method $cors_allow_headers {
default "";
"preflight" "Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since";
}
map $cors_method $cors_content_length {
default $initial_content_length;
"preflight" 0;
}
map $cors_method $cors_content_type {
default $initial_content_type;
"preflight" "text/plain charset=UTF-8";
}
add_header Access-Control-Allow-Origin $allow_origin;
add_header Access-Control-Allow-Credentials 'true';
add_header Access-Control-Max-Age $cors_max_age;
add_header Access-Control-Allow-Methods $cors_allow_methods;
add_header Access-Control-Allow-Headers $cors_allow_headers;
set $initial_content_length $sent_http_content_length;
add_header 'Content-Length' "";
add_header 'Content-Length' $cors_content_length;
set $initial_content_type $sent_http_content_type;
add_header Content-Type "";
add_header Content-Type $cors_content_type;
if ($request_method = 'OPTIONS') {
return 204;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment