CORS headers not being set for a 401 response from upstream.

manimalcruelty nginx-forum at
Fri Aug 21 17:30:15 UTC 2015

To quote previous email from Maxim:

  "In javascript, the code should test the "status" property of the
XMLHttpRequest object to find out if the request was successful or not"

The problem here is that xhr.status === 0 if you don't have CORS headers
present. If nginx doesn't allow you to add_headers for a 401, a 504, a 404
etc then a Javascript app can't react to each response individually. 

Isn't it a little rudimentary to expect a Javascript app to treat to all
server errors in the same way? Simply because 401 !== 504.

Posted at Nginx Forum:,250740,261171#msg-261171

More information about the nginx mailing list