Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
I
I
Iceforest2021-10-10 15:13:02
Nginx
Iceforest, 2021-10-10 15:13:02

How to add Access-Control-Allow-Origin header only if request came from https://example.org/ domain and request method was GET?

wrote this config, but for some reason header with the correct origin is still not added , you can't
use map

server {
    listen 80;
    server_name api.85f260ffe1ad0b24ff0ef6b645f46e25.kis.im;
    location / {
        set $cors '';
        set $cors_allowed_methods 'OPTIONS, HEAD, GET';

        if ($http_origin="https://example.org/")  {

            set $cors 'origin_matched';
        }

        if ($request_method = "GET") {
            set $cors '${cors} & preflight';
        }

        if ($cors = 'origin_matched & preflight') {
            add_header Access-Control-Allow-Origin $http_origin always;
}
            return 200;

    }
}

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
A
Alexander Karabanov, 2021-10-10
@Iceforest

$http_origin ~ '^https:\/\/example\.org$'

Report
K
ky0, 2021-10-10
@ky0

You can use mapit, I tell you for sure.

Similar questions
G
Grebenshikov2014-09-20 11:06:36
How to handle 500 php-fpm error from nginx? 1Reply
D
Dmitry Kartashov2016-09-25 14:11:34
Is website analytics possible without JS Google and Yandex.Metrica? 2Reply
N
Nikolai Lapshin2016-09-26 14:42:06
apache, nginx. Why does a file download via a direct link break at 1.08 GB? 2Reply
V
VS2016-09-26 15:00:43
Nginx why long ttfb? 3Reply
J
Jekson2019-02-25 12:25:07
How to avoid 502 server error when executing a heavy script? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question