Unable to resolve the "Access-Control-Allow-Origin" issue

Ajay Garg ajaygargnsit at gmail.com
Wed Apr 12 14:48:45 UTC 2017 

For the record, here is the server-block ::


#########################################################
server {

                listen 443 ssl;

                ssl_certificate /etc/nginx/ssl/nginx.crt;
                ssl_certificate_key /etc/nginx/ssl/nginx.key;

                add_header 'Access-Control-Max-Age' 1728000;
                add_header 'Access-Control-Allow-Origin' $http_origin;
                add_header 'Access-Control-Allow-Credentials' 'true';
                add_header 'Access-Control-Allow-Methods' 'GET, POST,
OPTIONS';
                add_header 'Access-Control-Allow-Headers'
'DNT,Access-Control-Allow-Origin,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';

                location / {

                        add_header 'Access-Control-Max-Age' 1728000;
                        add_header 'Access-Control-Allow-Origin' '*';
                        add_header 'Access-Control-Allow-Credentials'
'true';
                        add_header 'Access-Control-Allow-Methods' 'GET,
POST, OPTIONS';
                        add_header 'Access-Control-Allow-Headers'
'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';

                        auth_basic 'Restricted';
                        auth_basic_user_file /etc/nginx/ssl/.htpasswd;

                        proxy_set_header 'Access-Control-Max-Age' 1728000;
                        proxy_set_header 'Access-Control-Allow-Origin' '*';
                        proxy_set_header 'Access-Control-Allow-Credentials'
'true';
                        proxy_set_header 'Access-Control-Allow-Methods'
'GET, POST, OPTIONS';
                        proxy_set_header 'Access-Control-Allow-Headers'
'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';

                        proxy_pass $forwarded_protocol://127.0.0.1:
$forwarded_port;

                }
        }
#########################################################

On Wed, Apr 12, 2017 at 6:13 PM, Ajay Garg <ajaygargnsit at gmail.com> wrote:

> Hi All.
>
> We are facing the following issue :
>
> Cross-Origin Request Blocked: The Same Origin Policy disallows reading the
> remote resource at https://1.2.3.4/. (Reason: CORS header 'Access-Control-
> Allow-Origin' missing).
>
> Have tried everything I could find on the google, but nothing works
> (whatever I do in /etc/nginx/sites-available/default)
>
>
> So, first question first, is it even possible to solve this issue on the
> version, as per the information below ::
>
> ########################################################
> nginx -V
> nginx version: nginx/1.4.6 (Ubuntu)
> built by gcc 4.8.4 (Ubuntu 4.8.4-2ubuntu1~14.04.3)
> TLS SNI support enabled
> configure arguments: --with-cc-opt='-g -O2 -fstack-protector
> --param=ssp-buffer-size=4 -Wformat -Werror=format-security
> -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions
> -Wl,-z,relro' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf
> --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log
> --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid
> --http-client-body-temp-path=/var/lib/nginx/body
> --http-fastcgi-temp-path=/var/lib/nginx/fastcgi
> --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi
> --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit
> --with-ipv6 --with-http_ssl_module --with-http_stub_status_module
> --with-http_realip_module --with-http_addition_module
> --with-http_dav_module --with-http_flv_module --with-http_geoip_module
> --with-http_gzip_static_module --with-http_image_filter_module
> --with-http_mp4_module --with-http_perl_module --with-http_random_index_module
> --with-http_secure_link_module --with-http_spdy_module
> --with-http_sub_module --with-http_xslt_module --with-mail
> --with-mail_ssl_module --add-module=/build/nginx-9sG_
> hy/nginx-1.4.6/debian/modules/headers-more-nginx-module
> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-auth-pam
> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-cache-purge
> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-dav-ext-module
> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-development-kit
> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-echo
> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/ngx-fancyindex
> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-http-push
> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-lua
> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-upload-progress
> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-upstream-fair
> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/
> ngx_http_substitutions_filter_module
> ##########################################################
>
>
>
> Thanks and Regards,
> Ajay
>



-- 
Regards,
Ajay
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20170412/9fb6dcb3/attachment-0001.html>

More information about the nginx mailing list