Allow all Access-Control-Allow-Headers

cyrille nginx-forum at nginx.us
Wed May 20 08:42:20 UTC 2015


Hi,

I have a nginx in front of many differrents web applications. At this time a
have a generic configuration for all applications.
Now I need to allow all Access-Control-Allow-Headers but I did not find how
to do this.

One of the web application behind my nginx reverse proxy set custom headers.
At this time i create a specific nginx configuration file for this
application with configuration :

    if ($request_method = 'OPTIONS') {
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
        add_header 'Access-Control-Allow-Headers'
'traceId,channel,callerId,version,type';
        add_header 'Access-Control-Max-Age' 1728000;
        add_header 'Content-Type' 'text/plain charset=UTF-8';
        add_header 'Content-Length' 0;
        return 204;
     }
 
But I don't like this solution because I need to have a generic
configuration for all web applications behind the nginx.

Is it possible to allow all "Access-Control-Allow-Headers" for all request
?

Thanks for your reply.

Regards.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,258998,258998#msg-258998



More information about the nginx mailing list