ISTI-ansible-roles
/
ansible-role-nginx
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove some not allowed proxy_hide_header.

This commit is contained in:
Andrea Dell'Amico 2025-02-25 15:50:25 +01:00
parent 978229b0b2
commit 979c9060df
Signed by: adellam
GPG Key ID: 147ABE6CEB9E20FF
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
templates/nginx-cors.conf.j2
View File

@ -1,10 +1,10 @@
{% if nginx_cors_extended_rules %} {% if nginx_cors_extended_rules %}
if ($request_method = 'OPTIONS') { if ($request_method = 'OPTIONS') {
{% if nginx_cors_limit_origin %} {% if nginx_cors_limit_origin %}
proxy_hide_header Access-Control-Allow-Origin; # proxy_hide_header Access-Control-Allow-Origin;
add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}'; add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
{% else %} {% else %}
proxy_hide_header Access-Control-Allow-Origin; # proxy_hide_header Access-Control-Allow-Origin;
add_header 'Access-Control-Allow-Origin' '{{ nginx_access_control_allow_origin_src | default("*") }}'; add_header 'Access-Control-Allow-Origin' '{{ nginx_access_control_allow_origin_src | default("*") }}';
{% endif %} {% endif %}
add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Credentials' 'true';
@ -23,10 +23,10 @@ if ($request_method = 'OPTIONS') {
} }
if ($request_method = 'POST') { if ($request_method = 'POST') {
{% if nginx_cors_limit_origin %} {% if nginx_cors_limit_origin %}
proxy_hide_header Access-Control-Allow-Origin; # proxy_hide_header Access-Control-Allow-Origin;
add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}'; add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
{% else %} {% else %}
proxy_hide_header Access-Control-Allow-Origin; # proxy_hide_header Access-Control-Allow-Origin;
add_header 'Access-Control-Allow-Origin' '{{ nginx_access_control_allow_origin_src | default("*") }}'; add_header 'Access-Control-Allow-Origin' '{{ nginx_access_control_allow_origin_src | default("*") }}';
{% endif %} {% endif %}
add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Credentials' 'true';
@ -36,10 +36,10 @@ if ($request_method = 'POST') {
} }
if ($request_method = 'GET') { if ($request_method = 'GET') {
{% if nginx_cors_limit_origin %} {% if nginx_cors_limit_origin %}
proxy_hide_header Access-Control-Allow-Origin; # proxy_hide_header Access-Control-Allow-Origin;
add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}'; add_header 'Access-Control-Allow-Origin' '{{ nginx_cors_acl_origin | default("$http_origin") }}';
{% else %} {% else %}
proxy_hide_header Access-Control-Allow-Origin; # proxy_hide_header Access-Control-Allow-Origin;
add_header 'Access-Control-Allow-Origin' '{{ nginx_access_control_allow_origin_src | default("*") }}'; add_header 'Access-Control-Allow-Origin' '{{ nginx_access_control_allow_origin_src | default("*") }}';
{% endif %} {% endif %}
add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Credentials' 'true';