From 8b7892c743b0b7f070688ccdfc16f0f860c367bd Mon Sep 17 00:00:00 2001
From: Martin Fenner
Date: Wed, 21 Jul 2021 10:30:48 +0200
Subject: [PATCH] fix nginx cors configuration
---
 vendor/docker/webapp.conf | 52 ++++++++++++++++++++-------------------
 1 file changed, 27 insertions(+), 25 deletions(-)
diff --git a/vendor/docker/webapp.conf b/vendor/docker/webapp.conf
index 2b9ddfcfc..694a11f84 100644
--- a/vendor/docker/webapp.conf
+++ b/vendor/docker/webapp.conf
@@ -11,34 +11,36 @@ server { error_log stderr; - # enable CORS - set $cors ''; - if ($http_origin ~* 'https?://(localhost:3000|localhost:4200|doi.stage.datacite.org|commons.stage.datacite.org|doi.datacite.org|commons.datacite.org)') { - set $cors 'true'; - } + location / { + # enable CORS + set $cors ''; + if ($http_origin ~* 'https?://(localhost:3000|localhost:4200|doi.stage.datacite.org|commons.stage.datacite.org|doi.datacite.org|commons.datacite.org)') { + set $cors 'true'; + } - # always is required to add headers even if response's status is 4xx or 5xx - if ($cors = 'true') { - add_header 'Access-Control-Allow-Origin' "$http_origin" always; - add_header 'Access-Control-Allow-Credentials' 'true' always; - add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, PATCH, DELETE, OPTIONS' always; - add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With' always; - # required to be able to read Authorization header in frontend - add_header 'Access-Control-Expose-Headers' 'Authorization' always; - } + # always is required to add headers even if response's status is 4xx or 5xx + if ($cors = 'true') { + add_header 'Access-Control-Allow-Origin' "$http_origin" always; + add_header 'Access-Control-Allow-Credentials' 'true' always; + add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, PATCH, DELETE, OPTIONS' always; + add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With' always; + # required to be able to read Authorization header in frontend + add_header 'Access-Control-Expose-Headers' 'Authorization' always; + } - # 2 if are required, nginx treats each if block as a different context - if ($request_method = 'OPTIONS') { - add_header 'Access-Control-Allow-Origin' "$http_origin"; - add_header 'Access-Control-Allow-Credentials' 
'true'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, PATCH, DELETE, OPTIONS'; - add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With'; - add_header 'Access-Control-Max-Age' 1728000; - add_header 'Content-Type' 'text/plain charset=UTF-8'; - add_header 'Content-Length' 0; - return 204; + # 2 if are required, nginx treats each if block as a different context + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' "$http_origin"; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, PATCH, DELETE, OPTIONS'; + add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With'; + add_header 'Access-Control-Max-Age' 1728000; + add_header 'Content-Type' 'text/plain charset=UTF-8'; + add_header 'Content-Length' 0; + return 204; + } } - + location = / { return 301 https://support.datacite.org/docs/api; }
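Review bot: The origin check in the new `location /` block is unanchored and leaves the dots unescaped, so `$http_origin` passes whenever it merely contains one of the listed names, and that value is then reflected in `Access-Control-Allow-Origin` together with `Access-Control-Allow-Credentials: true`. Anchor and escape the pattern, e.g. `if ($http_origin ~* '^https?://(localhost:3000|localhost:4200|doi\.stage\.datacite\.org|commons\.stage\.datacite\.org|doi\.datacite\.org|commons\.datacite\.org)$') {`, and consider dropping plain `http` for the non-localhost hosts. The `OPTIONS` block below it does not test `$cors` at all, so a preflight from any origin gets the reflected origin and the credentials header; it should only answer that way when the allow-list matched. Since the origin is echoed back, a `Vary: Origin` header would also keep caches from serving one origin's response to another. The `server` block opens and closes outside this hunk, so other locations cannot be checked from here.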