Unable to resolve the "Access-Control-Allow-Origin" issue

Richard Stanway r1ch+nginx at teamliquid.net
Wed Apr 12 15:00:15 UTC 2017


Your are using auth_basic, so the 401 response code is not in the range
that add_header works with ("Adds the specified field to a response header
provided that the response code equals 200, 201, 204, 206, 301, 302, 303,
304, or 307."). You need to use "always" if you want to include the header
in all responses. See the documentation for more details.

http://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header

On Wed, Apr 12, 2017 at 4:48 PM, Ajay Garg <ajaygargnsit at gmail.com> wrote:

> For the record, here is the server-block ::
>
>
> #########################################################
> server {
>
>                 listen 443 ssl;
>
>                 ssl_certificate /etc/nginx/ssl/nginx.crt;
>                 ssl_certificate_key /etc/nginx/ssl/nginx.key;
>
>                 add_header 'Access-Control-Max-Age' 1728000;
>                 add_header 'Access-Control-Allow-Origin' $http_origin;
>                 add_header 'Access-Control-Allow-Credentials' 'true';
>                 add_header 'Access-Control-Allow-Methods' 'GET, POST,
> OPTIONS';
>                 add_header 'Access-Control-Allow-Headers'
> 'DNT,Access-Control-Allow-Origin,X-CustomHeader,Keep-
> Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-
> Control,Content-Type';
>
>                 location / {
>
>                         add_header 'Access-Control-Max-Age' 1728000;
>                         add_header 'Access-Control-Allow-Origin' '*';
>                         add_header 'Access-Control-Allow-Credentials'
> 'true';
>                         add_header 'Access-Control-Allow-Methods' 'GET,
> POST, OPTIONS';
>                         add_header 'Access-Control-Allow-Headers'
> 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-
> With,If-Modified-Since,Cache-Control,Content-Type';
>
>                         auth_basic 'Restricted';
>                         auth_basic_user_file /etc/nginx/ssl/.htpasswd;
>
>                         proxy_set_header 'Access-Control-Max-Age' 1728000;
>                         proxy_set_header 'Access-Control-Allow-Origin' '*';
>                         proxy_set_header 'Access-Control-Allow-Credentials'
> 'true';
>                         proxy_set_header 'Access-Control-Allow-Methods'
> 'GET, POST, OPTIONS';
>                         proxy_set_header 'Access-Control-Allow-Headers'
> 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-
> With,If-Modified-Since,Cache-Control,Content-Type';
>
>                         proxy_pass $forwarded_protocol://127.0.0.
> 1:$forwarded_port;
>
>                 }
>         }
> #########################################################
>
> On Wed, Apr 12, 2017 at 6:13 PM, Ajay Garg <ajaygargnsit at gmail.com> wrote:
>
>> Hi All.
>>
>> We are facing the following issue :
>>
>> Cross-Origin Request Blocked: The Same Origin Policy disallows reading
>> the remote resource at https://1.2.3.4/. (Reason: CORS header
>> 'Access-Control-
>> Allow-Origin' missing).
>>
>> Have tried everything I could find on the google, but nothing works
>> (whatever I do in /etc/nginx/sites-available/default)
>>
>>
>> So, first question first, is it even possible to solve this issue on the
>> version, as per the information below ::
>>
>> ########################################################
>> nginx -V
>> nginx version: nginx/1.4.6 (Ubuntu)
>> built by gcc 4.8.4 (Ubuntu 4.8.4-2ubuntu1~14.04.3)
>> TLS SNI support enabled
>> configure arguments: --with-cc-opt='-g -O2 -fstack-protector
>> --param=ssp-buffer-size=4 -Wformat -Werror=format-security
>> -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions
>> -Wl,-z,relro' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf
>> --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log
>> --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid
>> --http-client-body-temp-path=/var/lib/nginx/body
>> --http-fastcgi-temp-path=/var/lib/nginx/fastcgi
>> --http-proxy-temp-path=/var/lib/nginx/proxy
>> --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi
>> --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module
>> --with-http_stub_status_module --with-http_realip_module
>> --with-http_addition_module --with-http_dav_module --with-http_flv_module
>> --with-http_geoip_module --with-http_gzip_static_module
>> --with-http_image_filter_module --with-http_mp4_module
>> --with-http_perl_module --with-http_random_index_module
>> --with-http_secure_link_module --with-http_spdy_module
>> --with-http_sub_module --with-http_xslt_module --with-mail
>> --with-mail_ssl_module --add-module=/build/nginx-9sG_
>> hy/nginx-1.4.6/debian/modules/headers-more-nginx-module
>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-auth-pam
>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-cache-purge
>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-dav-ext-module
>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-development-kit
>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-echo
>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/ngx-fancyindex
>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-http-push
>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-lua
>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-upload-progress
>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-upstream-fair
>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/
>> ngx_http_substitutions_filter_module
>> ##########################################################
>>
>>
>>
>> Thanks and Regards,
>> Ajay
>>
>
>
>
> --
> Regards,
> Ajay
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20170412/460b5075/attachment.html>


More information about the nginx mailing list