<div dir="ltr"><div><div>Upgraded to 1.11<br><br></div>Now, things get worse, I am not being prompted for any credentials (even with all browser cache cleared), even with the following /etc/nginx/conf.d/default.conf<br><br><br>##########################################################<br>server {<br><br>                listen 443 ssl;<br>                ssl_certificate /etc/nginx/ssl/nginx.crt;<br>                ssl_certificate_key /etc/nginx/ssl/nginx.key;<br><br>#               add_header 'Access-Control-Max-Age' 1728000 'always';<br>#               add_header 'Access-Control-Allow-Origin' $http_origin 'always';<br>#               add_header 'Access-Control-Allow-Credentials' 'true' 'always';<br>#               add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' 'always';<br>#               add_header 'Access-Control-Allow-Headers' 'DNT,Access-Control-Allow-Origin,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' 'always';<br><br>                location / {<br><br>#                       add_header 'Access-Control-Max-Age' 1728000 'always';<br>#                       add_header 'Access-Control-Allow-Origin' '*' 'always';<br>#                       add_header 'Access-Control-Allow-Credentials' 'true' 'always';<br>#                       add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' 'always';<br>#                       add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' 'always';<br><br>                        auth_basic 'Restricted';<br>                        auth_basic_user_file /etc/nginx/ssl/.htpasswd;<br><br>#                       proxy_set_header 'Access-Control-Max-Age' 1728000;<br>#                       proxy_set_header 'Access-Control-Allow-Origin' '*';<br>#                       proxy_set_header 'Access-Control-Allow-Credentials' 'true';<br>#                       proxy_set_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';<br>#                       proxy_set_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';<br><br>                        proxy_pass $forwarded_protocol://127.0.0.1:$forwarded_port;<br><br>                }<br>        }<br><br>##########################################################<br><br><br></div>Any ideas why this regression?<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Apr 12, 2017 at 10:54 PM, Ajay Garg <span dir="ltr"><<a href="mailto:ajaygargnsit@gmail.com" target="_blank">ajaygargnsit@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div><div><div><div><div><div><div><div>Hi Richard.<br><br></div>Thanks for the help.<br><br></div>I added 'always' as the last argument in all the "add_header" and "proxy_set_header" directives.<br></div>Unfortunately, I receive the following on the very first "add_header" directive ::<br><br>##############################<wbr>#######################<br>2017/04/12 17:18:22 [emerg] 28540#0: invalid number of arguments in "add_header" directive in /etc/nginx/sites-enabled/<wbr>default:22<br>##############################<wbr>#######################<br><br><br></div>I guess the 'always' argument requires nginx >= 1.7.5.<br><br><br></div>Is there a pre-built package available for nginx?<br>Our linux-machine is ::<br><br>##############################<wbr>#######################<br>uname -a<br>Linux proxy 3.13.0-108-generic #155-Ubuntu SMP Wed Jan 11 16:58:52 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux<br>##############################<wbr>#######################<br><br></div>If not, I guess the link to use is <a href="http://nginx.org/en/docs/configure.html" target="_blank">http://nginx.org/en/docs/<wbr>configure.html</a>, but I am very afraid that I might miss something, so a pre-built package >= 1.7.5 (provided one exists) for our linux-machine would be great :)<br><br><br></div>Thanks for the help so far !!!<br><br><br></div>Thanks and Regards,<br></div>Ajay<br></div><div class="gmail_extra"><div><div class="h5"><br><div class="gmail_quote">On Wed, Apr 12, 2017 at 8:30 PM, Richard Stanway <span dir="ltr"><<a href="mailto:r1ch+nginx@teamliquid.net" target="_blank">r1ch+nginx@teamliquid.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Your are using auth_basic, so the 401 response code is not in the range that add_header works with ("Adds the specified field to a response header provided that the response code equals 200, 201, 204, 206, 301, 302, 303, 304, or 307."). You need to use "always" if you want to include the header in all responses. See the documentation for more details.<div><br></div><div><a href="http://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header" target="_blank">http://nginx.org/en/docs/http/<wbr>ngx_http_headers_module.html#a<wbr>dd_header</a><br></div></div><div class="gmail_extra"><br><div class="gmail_quote"><div><div class="m_-6041974815253305957h5">On Wed, Apr 12, 2017 at 4:48 PM, Ajay Garg <span dir="ltr"><<a href="mailto:ajaygargnsit@gmail.com" target="_blank">ajaygargnsit@gmail.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="m_-6041974815253305957h5"><div dir="ltr">For the record, here is the server-block ::<br><br><br>##############################<wbr>###########################<br>server {<br><br>                listen 443 ssl;<br><br>                ssl_certificate /etc/nginx/ssl/nginx.crt;<br>                ssl_certificate_key /etc/nginx/ssl/nginx.key;<br><br>                add_header 'Access-Control-Max-Age' 1728000;<br>                add_header 'Access-Control-Allow-Origin' $http_origin;<br>                add_header 'Access-Control-Allow-Credenti<wbr>als' 'true';<br>                add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';<br>                add_header 'Access-Control-Allow-Headers' 'DNT,Access-Control-Allow-Orig<wbr>in,X-CustomHeader,Keep-Alive,U<wbr>ser-Agent,X-Requested-With,If-<wbr>Modified-Since,Cache-Control,<wbr>Content-Type';<br><br>                location / {<br><br>                        add_header 'Access-Control-Max-Age' 1728000;<br>                        add_header 'Access-Control-Allow-Origin' '*';<br>                        add_header 'Access-Control-Allow-Credenti<wbr>als' 'true';<br>                        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';<br>                        add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive<wbr>,User-Agent,X-Requested-With,I<wbr>f-Modified-Since,Cache-Control<wbr>,Content-Type';<br><br>                        auth_basic 'Restricted';<br>                        auth_basic_user_file /etc/nginx/ssl/.htpasswd;<br><br>                        proxy_set_header 'Access-Control-Max-Age' 1728000;<br>                        proxy_set_header 'Access-Control-Allow-Origin' '*';<br>                        proxy_set_header 'Access-Control-Allow-Credenti<wbr>als' 'true';<br>                        proxy_set_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';<br>                        proxy_set_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive<wbr>,User-Agent,X-Requested-With,I<wbr>f-Modified-Since,Cache-Control<wbr>,Content-Type';<br><br>                        proxy_pass $forwarded_protocol://<a href="http://127.0.0." target="_blank">127.0.0.</a><wbr>1:$forwarded_port;<br><br>                }<br>        }<br>##############################<wbr>###########################<br></div><div class="gmail_extra"><div><div class="m_-6041974815253305957m_-790263869891113912h5"><br><div class="gmail_quote">On Wed, Apr 12, 2017 at 6:13 PM, Ajay Garg <span dir="ltr"><<a href="mailto:ajaygargnsit@gmail.com" target="_blank">ajaygargnsit@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><span class="m_-6041974815253305957m_-790263869891113912m_-7629809308699495445m_-1183104852420726643gmail-objectBox m_-6041974815253305957m_-790263869891113912m_-7629809308699495445m_-1183104852420726643gmail-objectBox-errorMessage"><span class="m_-6041974815253305957m_-790263869891113912m_-7629809308699495445m_-1183104852420726643errorMessage">Hi All.<br><br></span></span></div><span class="m_-6041974815253305957m_-790263869891113912m_-7629809308699495445m_-1183104852420726643gmail-objectBox m_-6041974815253305957m_-790263869891113912m_-7629809308699495445m_-1183104852420726643gmail-objectBox-errorMessage"><span class="m_-6041974815253305957m_-790263869891113912m_-7629809308699495445m_-1183104852420726643errorMessage">We are facing the following issue :<br></span></span><div><div><span class="m_-6041974815253305957m_-790263869891113912m_-7629809308699495445m_-1183104852420726643gmail-objectBox m_-6041974815253305957m_-790263869891113912m_-7629809308699495445m_-1183104852420726643gmail-objectBox-errorMessage"><span class="m_-6041974815253305957m_-790263869891113912m_-7629809308699495445m_-1183104852420726643errorMessage"><br>Cross-Origin
 Request Blocked: The Same Origin Policy disallows reading the remote 
resource at <a href="https://1.2.3.4/" target="_blank">https://1.2.3.4/</a>. (Reason: CORS header 
'Access-Control-<br>Allow-Origin' missing).</span></span><br><br></div><div>Have tried everything I could find on the google, but nothing works (whatever I do in /etc/nginx/sites-available/def<wbr>ault)<br></div><div><br><br></div><div>So, first question first, is it even possible to solve this issue on the version, as per the information below ::<br></div><div><br>##############################<wbr>##########################<br>nginx -V<br>nginx version: nginx/1.4.6 (Ubuntu)<br>built by gcc 4.8.4 (Ubuntu 4.8.4-2ubuntu1~14.04.3) <br>TLS SNI support enabled<br>configure arguments: --with-cc-opt='-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-<wbr>functions -Wl,-z,relro' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.c<wbr>onf --http-log-path=/var/log/nginx<wbr>/access.log --error-log-path=/var/log/ngin<wbr>x/error.log --lock-path=/var/lock/nginx.lo<wbr>ck --pid-path=/run/nginx.pid --http-client-body-temp-path=/<wbr>var/lib/nginx/body --http-fastcgi-temp-path=/var/<wbr>lib/nginx/fastcgi --http-proxy-temp-path=/var/li<wbr>b/nginx/proxy --http-scgi-temp-path=/var/lib<wbr>/nginx/scgi --http-uwsgi-temp-path=/var/li<wbr>b/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_addition_module --with-http_dav_module --with-http_flv_module --with-http_geoip_module --with-http_gzip_static_module --with-http_image_filter_modul<wbr>e --with-http_mp4_module --with-http_perl_module --with-http_random_index_modul<wbr>e --with-http_secure_link_module --with-http_spdy_module --with-http_sub_module --with-http_xslt_module --with-mail --with-mail_ssl_module --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>headers-more-nginx-module --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>nginx-auth-pam --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>nginx-cache-purge --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>nginx-dav-ext-module --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>nginx-development-kit --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>nginx-echo --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>ngx-fancyindex --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>nginx-http-push --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>nginx-lua --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>nginx-upload-progress --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>nginx-upstream-fair --add-module=/build/nginx-9sG_<wbr>hy/nginx-1.4.6/debian/modules/<wbr>ngx_http_substitutions_filter_<wbr>module<br>##############################<wbr>############################<br><br clear="all"><br><br><div class="m_-6041974815253305957m_-790263869891113912m_-7629809308699495445m_-1183104852420726643gmail_signature">Thanks and Regards,<br>Ajay<br></div>
</div></div></div>
</blockquote></div><br><br clear="all"><br></div></div><span class="m_-6041974815253305957m_-790263869891113912HOEnZb"><font color="#888888">-- <br><div class="m_-6041974815253305957m_-790263869891113912m_-7629809308699495445gmail_signature" data-smartmail="gmail_signature">Regards,<br>Ajay<br></div>
</font></span></div>
<br></div></div>______________________________<wbr>_________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org" target="_blank">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">http://mailman.nginx.org/mailm<wbr>an/listinfo/nginx</a><br></blockquote></div><br></div>
<br>______________________________<wbr>_________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org" target="_blank">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" rel="noreferrer" target="_blank">http://mailman.nginx.org/mailm<wbr>an/listinfo/nginx</a><br></blockquote></div><br><br clear="all"><br></div></div><span class="HOEnZb"><font color="#888888">-- <br><div class="m_-6041974815253305957gmail_signature" data-smartmail="gmail_signature">Regards,<br>Ajay<br></div>
</font></span></div>
</blockquote></div><br><br clear="all"><br>-- <br><div class="gmail_signature" data-smartmail="gmail_signature">Regards,<br>Ajay<br></div>
</div>