kapv89 · September 29, 2013 15:08
diff --git a/cors-nginx.conf b/cors-nginx.conf
 if ($request_method = 'OPTIONS') {
 	add_header 'Access-Control-Allow-Origin' $http_origin;
 	add_header 'Access-Control-Allow-Credentials' 'true';
 	add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
 	add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,$cors_headers';
 	add_header 'Access-Control-Expose-Headers' $cors_headers;
 	
 	# dafuq are these
 	add_header 'Access-Control-Max-Age' 1728000;
 	add_header 'Content-Type' 'text/plain charset=UTF-8';
 	add_header 'Content-Length' 0;

 	return 204;
 }

 if ($request_method = 'GET') {
 	add_header 'Access-Control-Allow-Credentials' 'true';
 	add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
 	add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,$cors_headers';
 	add_header 'Access-Control-Expose-Headers' $cors_headers;
 }

 if ($request_method = 'POST') {
 	add_header 'Access-Control-Allow-Credentials' 'true';
 	add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
 	add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,$cors_headers';
 	add_header 'Access-Control-Expose-Headers' $cors_headers;
 }

 if ($request_method = 'PUT') {
 	add_header 'Access-Control-Allow-Credentials' 'true';
 	add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
 	add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,$cors_headers';
 	add_header 'Access-Control-Expose-Headers' $cors_headers;
 }

 if ($request_method = 'DELETE') {
 	add_header 'Access-Control-Allow-Credentials' 'true';
 	add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
 	add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,$cors_headers';
 	add_header 'Access-Control-Expose-Headers' $cors_headers;
 }
	if ($request_method = 'OPTIONS') {
	add_header 'Access-Control-Allow-Origin' $http_origin;
	add_header 'Access-Control-Allow-Credentials' 'true';
	add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
	add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,$cors_headers';
	add_header 'Access-Control-Expose-Headers' $cors_headers;

	# dafuq are these
	add_header 'Access-Control-Max-Age' 1728000;
	add_header 'Content-Type' 'text/plain charset=UTF-8';
	add_header 'Content-Length' 0;

	return 204;
	}

	if ($request_method = 'GET') {
	add_header 'Access-Control-Allow-Credentials' 'true';
	add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
	add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,$cors_headers';
	add_header 'Access-Control-Expose-Headers' $cors_headers;
	}

	if ($request_method = 'POST') {
	add_header 'Access-Control-Allow-Credentials' 'true';
	add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
	add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,$cors_headers';
	add_header 'Access-Control-Expose-Headers' $cors_headers;
	}

	if ($request_method = 'PUT') {
	add_header 'Access-Control-Allow-Credentials' 'true';
	add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
	add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,$cors_headers';
	add_header 'Access-Control-Expose-Headers' $cors_headers;
	}

	if ($request_method = 'DELETE') {
	add_header 'Access-Control-Allow-Credentials' 'true';
	add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
	add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,$cors_headers';
	add_header 'Access-Control-Expose-Headers' $cors_headers;
	}