Added CORS support for rev-proxy APIs #49

siexp · 2021-07-13T11:17:11Z

Added new flag allow_cors: <bool> which enables Cross-Origin requests for proxied API. Without this flag enabled only requests from the same to Api host domains are allowed in browser.

nginx_revproxy_sites:
  example.com:
    ...
    allow_cors: <bool | default( false )>

When enabled force nginx to add following headers to response

   add_header 'Access-Control-Allow-Origin' $http_origin;
   add_header 'Access-Control-Max-Age' 600;

Access-Control-Allow-Origin set to $http_origin which is equal to value from Origin header in request
Access-Control-Max-Age set to 10 min period accordingly to Chromium v76 and below cap

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age

Chromium (prior to v76) caps at 10 minutes (600 seconds)

…sockets added proxy_http_version 1.1; when doing upgrade

siexp added 7 commits May 20, 2021 14:08

removed deprecated 'ssl on' directive

be641e3

Merge remote-tracking branch 'upstream/master'

f58ba95

Added Access-Control-Allow-Origin

5ad4856

Access-Control-Max-Age

496c1c4

Chromium (prior to v76) caps at 10 minutes (600 seconds)

removed extra new line

d74ed87

added proxy_http_version 1.1; when doing upgrade

6ef5f36

Merge pull request #1 from siexp/feature/http_upgrade_version_for_web…

b5bba80

…sockets added proxy_http_version 1.1; when doing upgrade

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Added CORS support for rev-proxy APIs #49

Added CORS support for rev-proxy APIs #49

siexp commented Jul 13, 2021

Added CORS support for rev-proxy APIs #49

Are you sure you want to change the base?

Added CORS support for rev-proxy APIs #49

Conversation

siexp commented Jul 13, 2021