caquino · January 7, 2021 11:09
diff --git a/nginx.conf b/nginx.conf
 # Origin whitelist
 map $http_origin $allowed_origin {
  default             "false";

  "~*\.?test\.com"    "true";
  "~*\.?example\.com" "true";
 }

 # Methods
 map $request_method $cors {
  "OPTIONS" "${allowed_origin}options";
  "GET"     "${allowed_origin}get";
  "POST"    "${allowed_origin}post";
  default   "${allowed_origin}";
 }

 # Access-Control-Allow-Origin, if cors true add header.
 map $cors $acao {
  "~^true.+?" "$http_origin";
 }

 # Access-Control-Allow-Credentials, and method is GET/POST/OPTIONS and cors true add header.
 map $cors $acac {
  "~^true(options|get|post)" "true";
 }

 # Access-Control-Allow-Methods, and method is GET/POST/OPTIONS and cors true add header.
 map $cors $acam {
  "~^true(options|get|post)" "GET, POST, OPTIONS";
 }

 # Access-Control-Allow-Headers, and method is GET/POST/OPTIONS and cors true add header.
 map $cors $acah {
  "~^true(options|get|post)" "Keep-Alive,User-Agent,ETag,Last-Modified,Vary,If-Modified-Since,Cache-Control,Content-Type";
 }

 # Access-Control-Max-Age, and method is OPTIONS and cors true add header.
 map $cors $acma {
  "trueoptions" "1728000";
 }

 server {
  listen 80 default_server reuseport;
  expires 24h;

  root /usr/share/nginx/html;
  index index.html index.htm;

  location / {
    add_header 'Access-Control-Allow-Origin' $acao;
    add_header 'Access-Control-Allow-Credentials' $acac;
    add_header 'Access-Control-Allow-Methods' $acam;
    add_header 'Access-Control-Allow-Headers' $acah;
    add_header 'Access-Control-Max-Age' $acma;

    if ($request_method = "OPTIONS") {
      return 204;
    }

    try_files $uri $uri/ =404;
  }
 }
	# Origin whitelist
	map $http_origin $allowed_origin {
	default "false";

	"~*\.?test\.com" "true";
	"~*\.?example\.com" "true";
	}

	# Methods
	map $request_method $cors {
	"OPTIONS" "${allowed_origin}options";
	"GET" "${allowed_origin}get";
	"POST" "${allowed_origin}post";
	default "${allowed_origin}";
	}

	# Access-Control-Allow-Origin, if cors true add header.
	map $cors $acao {
	"~^true.+?" "$http_origin";
	}

	# Access-Control-Allow-Credentials, and method is GET/POST/OPTIONS and cors true add header.
	map $cors $acac {
	"~^true(options\|get\|post)" "true";
	}

	# Access-Control-Allow-Methods, and method is GET/POST/OPTIONS and cors true add header.
	map $cors $acam {
	"~^true(options\|get\|post)" "GET, POST, OPTIONS";
	}

	# Access-Control-Allow-Headers, and method is GET/POST/OPTIONS and cors true add header.
	map $cors $acah {
	"~^true(options\|get\|post)" "Keep-Alive,User-Agent,ETag,Last-Modified,Vary,If-Modified-Since,Cache-Control,Content-Type";
	}

	# Access-Control-Max-Age, and method is OPTIONS and cors true add header.
	map $cors $acma {
	"trueoptions" "1728000";
	}

	server {
	listen 80 default_server reuseport;
	expires 24h;

	root /usr/share/nginx/html;
	index index.html index.htm;

	location / {
	add_header 'Access-Control-Allow-Origin' $acao;
	add_header 'Access-Control-Allow-Credentials' $acac;
	add_header 'Access-Control-Allow-Methods' $acam;
	add_header 'Access-Control-Allow-Headers' $acah;
	add_header 'Access-Control-Max-Age' $acma;

	if ($request_method = "OPTIONS") {
	return 204;
	}

	try_files $uri $uri/ =404;
	}
	}