Created
February 28, 2017 16:37
-
-
Save amessinger/6b365c9b0fdd9c065e62b2d98c64fa0c to your computer and use it in GitHub Desktop.
Proxy Cors Config for Nginx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| upstream service { | |
| server {{ ip }}:{{ port }}; | |
| } | |
| server { | |
| if ($http_origin ~* (https?://localhost(:[0-9]+)?)) { | |
| rewrite ^ /__cors__/$request_method$uri last; | |
| } | |
| location /__cors__/OPTIONS/ { | |
| add_header 'Access-Control-Allow-Origin' "$http_origin"; | |
| add_header 'Access-Control-Max-Age' 1728000; | |
| add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; | |
| add_header 'Access-Control-Allow-Headers' 'Authorization,X-Client-Id'; | |
| add_header 'Content-Length' 0; | |
| add_header 'Content-Type' 'text/plain charset=UTF-8'; | |
| return 204; | |
| } | |
| location /__cors__/ { | |
| add_header 'Access-Control-Allow-Origin' "$http_origin"; | |
| rewrite ^/__cors__/(GET|POST)/(.*)$ /$2 break; | |
| proxy_pass http://service; | |
| } | |
| location / { | |
| proxy_pass http://service; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@xcambar c'est surment pas idéal, mais on peut mettre
ixaekahjin3tieth3eafeiChe5ahnumiCein5Go0ru(et le changer 4 fois par jour si on est vraiment flippés) à la place de__cors__, comme ce ne sont que des rewrite internes, cette partie d'URL ne leak pas à l'exterieur de nginx.Pour ce qui est des endpoints privés, le but va etre justement d'intégrer ca avec https://github.com/peopledoc/api-gateway/blob/configure_nginx/ansible/roles/gateway.nginx/templates/api.site