<div dir="ltr">Your are using auth_basic, so the 401 response code is not in the range that add_header works with ("Adds the specified field to a response header provided that the response code equals 200, 201, 204, 206, 301, 302, 303, 304, or 307."). You need to use "always" if you want to include the header in all responses. See the documentation for more details.<div><br></div><div><a href="http://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header">http://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header</a><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Apr 12, 2017 at 4:48 PM, Ajay Garg <span dir="ltr"><<a href="mailto:ajaygargnsit@gmail.com" target="_blank">ajaygargnsit@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">For the record, here is the server-block ::<br><br><br>##############################<wbr>###########################<br>server {<br><br> listen 443 ssl;<br><br> ssl_certificate /etc/nginx/ssl/nginx.crt;<br> ssl_certificate_key /etc/nginx/ssl/nginx.key;<br><br> add_header 'Access-Control-Max-Age' 1728000;<br> add_header 'Access-Control-Allow-Origin' $http_origin;<br> add_header 'Access-Control-Allow-<wbr>Credentials' 'true';<br> add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';<br> add_header 'Access-Control-Allow-Headers' 'DNT,Access-Control-Allow-<wbr>Origin,X-CustomHeader,Keep-<wbr>Alive,User-Agent,X-Requested-<wbr>With,If-Modified-Since,Cache-<wbr>Control,Content-Type';<br><br> location / {<br><br> add_header 'Access-Control-Max-Age' 1728000;<br> add_header 'Access-Control-Allow-Origin' '*';<br> add_header 'Access-Control-Allow-<wbr>Credentials' 'true';<br> add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';<br> add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-<wbr>Alive,User-Agent,X-Requested-<wbr>With,If-Modified-Since,Cache-<wbr>Control,Content-Type';<br><br> auth_basic 'Restricted';<br> auth_basic_user_file /etc/nginx/ssl/.htpasswd;<br><br> proxy_set_header 'Access-Control-Max-Age' 1728000;<br> proxy_set_header 'Access-Control-Allow-Origin' '*';<br> proxy_set_header 'Access-Control-Allow-<wbr>Credentials' 'true';<br> proxy_set_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';<br> proxy_set_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-<wbr>Alive,User-Agent,X-Requested-<wbr>With,If-Modified-Since,Cache-<wbr>Control,Content-Type';<br><br> proxy_pass $forwarded_protocol://<a href="http://127.0.0.">127.0.0.</a><wbr>1:$forwarded_port;<br><br> }<br> }<br>##############################<wbr>###########################<br></div><div class="gmail_extra"><div><div class="h5"><br><div class="gmail_quote">On Wed, Apr 12, 2017 at 6:13 PM, Ajay Garg <span dir="ltr"><<a href="mailto:ajaygargnsit@gmail.com" target="_blank">ajaygargnsit@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><span class="m_-7629809308699495445m_-1183104852420726643gmail-objectBox m_-7629809308699495445m_-1183104852420726643gmail-objectBox-errorMessage"><span class="m_-7629809308699495445m_-1183104852420726643errorMessage">Hi All.<br><br></span></span></div><span class="m_-7629809308699495445m_-1183104852420726643gmail-objectBox m_-7629809308699495445m_-1183104852420726643gmail-objectBox-errorMessage"><span class="m_-7629809308699495445m_-1183104852420726643errorMessage">We are facing the following issue :<br></span></span><div><div><span class="m_-7629809308699495445m_-1183104852420726643gmail-objectBox m_-7629809308699495445m_-1183104852420726643gmail-objectBox-errorMessage"><span class="m_-7629809308699495445m_-1183104852420726643errorMessage"><br>Cross-Origin
Request Blocked: The Same Origin Policy disallows reading the remote
resource at <a href="https://1.2.3.4/" target="_blank">https://1.2.3.4/</a>. (Reason: CORS header
'Access-Control-<br>Allow-Origin' missing).</span></span><br><br></div><div>Have tried everything I could find on the google, but nothing works (whatever I do in /etc/nginx/sites-available/def<wbr>ault)<br></div><div><br><br></div><div>So, first question first, is it even possible to solve this issue on the version, as per the information below ::<br></div><div><br>##############################<wbr>##########################<br>nginx -V<br>nginx version: nginx/1.4.6 (Ubuntu)<br>built by gcc 4.8.4 (Ubuntu 4.8.4-2ubuntu1~14.04.3) <br>TLS SNI support enabled<br>configure arguments: --with-cc-opt='-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-<wbr>functions -Wl,-z,relro' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.c<wbr>onf --http-log-path=/var/log/nginx<wbr>/access.log --error-log-path=/var/log/ngin<wbr>x/error.log --lock-path=/var/lock/nginx.lo<wbr>ck --pid-path=/run/nginx.pid --http-client-body-temp-path=/<wbr>var/lib/nginx/body --http-fastcgi-temp-path=/var/<wbr>lib/nginx/fastcgi --http-proxy-temp-path=/var/li<wbr>b/nginx/proxy --http-scgi-temp-path=/var/lib<wbr>/nginx/scgi --http-uwsgi-temp-path=/var/li<wbr>b/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_addition_module --with-http_dav_module --with-http_flv_module --with-http_geoip_module --with-http_gzip_static_module --with-http_image_filter_modul<wbr>e --with-http_mp4_module --with-http_perl_module --with-http_random_index_modul<wbr>e --with-http_secure_link_module --with-http_spdy_module --with-http_sub_module --with-http_xslt_module --with-mail --with-mail_ssl_module --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>headers-more-nginx-module --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>nginx-auth-pam --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>nginx-cache-purge --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>nginx-dav-ext-module --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>nginx-development-kit --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>nginx-echo --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>ngx-fancyindex --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>nginx-http-push --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>nginx-lua --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>nginx-upload-progress --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>nginx-upstream-fair --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>ngx_http_substitutions_filter_<wbr>module<br>##############################<wbr>############################<br><br clear="all"><br><br><div class="m_-7629809308699495445m_-1183104852420726643gmail_signature">Thanks and Regards,<br>Ajay<br></div>
</div></div></div>
</blockquote></div><br><br clear="all"><br></div></div><span class="HOEnZb"><font color="#888888">-- <br><div class="m_-7629809308699495445gmail_signature" data-smartmail="gmail_signature">Regards,<br>Ajay<br></div>
</font></span></div>
<br>______________________________<wbr>_________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">http://mailman.nginx.org/<wbr>mailman/listinfo/nginx</a><br></blockquote></div><br></div>