Unable to resolve the "Access-Control-Allow-Origin" issue

Ajay Garg ajaygargnsit at gmail.com
Wed Apr 12 17:24:42 UTC 2017 

Hi Richard.

Thanks for the help.

I added 'always' as the last argument in all the "add_header" and
"proxy_set_header" directives.
Unfortunately, I receive the following on the very first "add_header"
directive ::

#####################################################
2017/04/12 17:18:22 [emerg] 28540#0: invalid number of arguments in
"add_header" directive in /etc/nginx/sites-enabled/default:22
#####################################################


I guess the 'always' argument requires nginx >= 1.7.5.


Is there a pre-built package available for nginx?
Our linux-machine is ::

#####################################################
uname -a
Linux proxy 3.13.0-108-generic #155-Ubuntu SMP Wed Jan 11 16:58:52 UTC 2017
x86_64 x86_64 x86_64 GNU/Linux
#####################################################

If not, I guess the link to use is http://nginx.org/en/docs/configure.html,
but I am very afraid that I might miss something, so a pre-built package >=
1.7.5 (provided one exists) for our linux-machine would be great :)


Thanks for the help so far !!!


Thanks and Regards,
Ajay

On Wed, Apr 12, 2017 at 8:30 PM, Richard Stanway <r1ch+nginx at teamliquid.net>
wrote:

> Your are using auth_basic, so the 401 response code is not in the range
> that add_header works with ("Adds the specified field to a response header
> provided that the response code equals 200, 201, 204, 206, 301, 302, 303,
> 304, or 307."). You need to use "always" if you want to include the header
> in all responses. See the documentation for more details.
>
> http://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header
>
> On Wed, Apr 12, 2017 at 4:48 PM, Ajay Garg <ajaygargnsit at gmail.com> wrote:
>
>> For the record, here is the server-block ::
>>
>>
>> #########################################################
>> server {
>>
>>                 listen 443 ssl;
>>
>>                 ssl_certificate /etc/nginx/ssl/nginx.crt;
>>                 ssl_certificate_key /etc/nginx/ssl/nginx.key;
>>
>>                 add_header 'Access-Control-Max-Age' 1728000;
>>                 add_header 'Access-Control-Allow-Origin' $http_origin;
>>                 add_header 'Access-Control-Allow-Credentials' 'true';
>>                 add_header 'Access-Control-Allow-Methods' 'GET, POST,
>> OPTIONS';
>>                 add_header 'Access-Control-Allow-Headers'
>> 'DNT,Access-Control-Allow-Origin,X-CustomHeader,Keep-Alive,
>> User-Agent,X-Requested-With,If-Modified-Since,Cache-Contro
>> l,Content-Type';
>>
>>                 location / {
>>
>>                         add_header 'Access-Control-Max-Age' 1728000;
>>                         add_header 'Access-Control-Allow-Origin' '*';
>>                         add_header 'Access-Control-Allow-Credentials'
>> 'true';
>>                         add_header 'Access-Control-Allow-Methods' 'GET,
>> POST, OPTIONS';
>>                         add_header 'Access-Control-Allow-Headers'
>> 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,
>> If-Modified-Since,Cache-Control,Content-Type';
>>
>>                         auth_basic 'Restricted';
>>                         auth_basic_user_file /etc/nginx/ssl/.htpasswd;
>>
>>                         proxy_set_header 'Access-Control-Max-Age' 1728000;
>>                         proxy_set_header 'Access-Control-Allow-Origin'
>> '*';
>>                         proxy_set_header 'Access-Control-Allow-Credentials'
>> 'true';
>>                         proxy_set_header 'Access-Control-Allow-Methods'
>> 'GET, POST, OPTIONS';
>>                         proxy_set_header 'Access-Control-Allow-Headers'
>> 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,
>> If-Modified-Since,Cache-Control,Content-Type';
>>
>>                         proxy_pass $forwarded_protocol://127.0.0.
>> 1:$forwarded_port;
>>
>>                 }
>>         }
>> #########################################################
>>
>> On Wed, Apr 12, 2017 at 6:13 PM, Ajay Garg <ajaygargnsit at gmail.com>
>> wrote:
>>
>>> Hi All.
>>>
>>> We are facing the following issue :
>>>
>>> Cross-Origin Request Blocked: The Same Origin Policy disallows reading
>>> the remote resource at https://1.2.3.4/. (Reason: CORS header
>>> 'Access-Control-
>>> Allow-Origin' missing).
>>>
>>> Have tried everything I could find on the google, but nothing works
>>> (whatever I do in /etc/nginx/sites-available/default)
>>>
>>>
>>> So, first question first, is it even possible to solve this issue on the
>>> version, as per the information below ::
>>>
>>> ########################################################
>>> nginx -V
>>> nginx version: nginx/1.4.6 (Ubuntu)
>>> built by gcc 4.8.4 (Ubuntu 4.8.4-2ubuntu1~14.04.3)
>>> TLS SNI support enabled
>>> configure arguments: --with-cc-opt='-g -O2 -fstack-protector
>>> --param=ssp-buffer-size=4 -Wformat -Werror=format-security
>>> -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions
>>> -Wl,-z,relro' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf
>>> --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log
>>> --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid
>>> --http-client-body-temp-path=/var/lib/nginx/body
>>> --http-fastcgi-temp-path=/var/lib/nginx/fastcgi
>>> --http-proxy-temp-path=/var/lib/nginx/proxy
>>> --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi
>>> --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module
>>> --with-http_stub_status_module --with-http_realip_module
>>> --with-http_addition_module --with-http_dav_module --with-http_flv_module
>>> --with-http_geoip_module --with-http_gzip_static_module
>>> --with-http_image_filter_module --with-http_mp4_module
>>> --with-http_perl_module --with-http_random_index_module
>>> --with-http_secure_link_module --with-http_spdy_module
>>> --with-http_sub_module --with-http_xslt_module --with-mail
>>> --with-mail_ssl_module --add-module=/build/nginx-9sG_
>>> hy/nginx-1.4.6/debian/modules/headers-more-nginx-module
>>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-auth-pam
>>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-cache-purge
>>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-dav-ext-module
>>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-development-kit
>>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-echo
>>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/ngx-fancyindex
>>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-http-push
>>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-lua
>>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-upload-progress
>>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/nginx-upstream-fair
>>> --add-module=/build/nginx-9sG_hy/nginx-1.4.6/debian/modules/
>>> ngx_http_substitutions_filter_module
>>> ##########################################################
>>>
>>>
>>>
>>> Thanks and Regards,
>>> Ajay
>>>
>>
>>
>>
>> --
>> Regards,
>> Ajay
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>>
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>



-- 
Regards,
Ajay
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20170412/b10c04e1/attachment.html>

More information about the nginx mailing list