Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
allgo
allgo
Commits
c87d973c
Commit
c87d973c
authored
May 02, 2019
by
sebastien letort
Browse files
New location rule to manage CORS for API only.
parent
ffa355b0
Pipeline
#76572
passed with stages
in 1 minute and 38 seconds
Changes
1
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
django/setup/files/etc/nginx/conf.d/allgo.conf.template
View file @
c87d973c
...
...
@@ -78,6 +78,36 @@ server
try_files $uri/index.html $uri.html $uri @django;
}
location /api/v1
{
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain; charset=utf-8';
add_header 'Content-Length' 0;
# Custom headers and headers various browsers *should* be OK with but aren't
#
add_header 'Access-Control-Allow-Headers' 'Content-Type,Authorization';
return 204;
}
add_header Access-Control-Allow-Origin "*";
# proxy_redirect off; # work without it, maybe it's bad to remove it
proxy_pass http://django;
# header set to distinguish between requests going directly from nginx and
# requests going through aio
#
# This is a security feature. Django trusts this value (like the
# X-Forwarded-* headers), do not remove it !
proxy_set_header X-Origin "nginx";
}
location @django
{
proxy_redirect off;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment