/
110-cors_d.conf
53 lines (42 loc) · 2.17 KB
/
110-cors_d.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
<VirtualHost *:1443>
#### STEP 1. Update the port number (1443 on the line above) to the
# port you want to use.
# The standard port is 443
#### STEP 2. Update the ServerName item to your domain name
ServerName cors-d.worldwidecorp.us
#### STEP 3. Update if needed
DocumentRoot /var/www/cors-d
ServerAdmin webmaster@localhost
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
LogLevel info
LogLevel ssl:warn
# Add vhost name to log entries:
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" vhost_combined
LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common
ErrorLog ${APACHE_LOG_DIR}/cors-d_error.log
CustomLog ${APACHE_LOG_DIR}/cors-d.log vhost_combined
# Enabling CORS support
# See https://benjaminhorn.io/code/setting-cors-cross-origin-resource-sharing-on-apache-with-correct-response-headers-allowing-everything-through/
#
#### STEP 4. Update to the hostname that hosts your webapp
Header always set Access-Control-Allow-Origin "https://your_apps_host.com"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Allow-Credentials "true"
Header always set Access-Control-Allow-Headers "Content-Type, Authorization, Accept-Encoding, Accept, Cache-Control, Cookie, Content-Length, Host, Referer, User-Agent"
Header always set Access-Control-Expose-Headers "Cache-Control, Content-Encoding, Content-Length, Content-Type, Date, Strict-Transport-Security, X-RateLimit-Reset, X-RateLimit-Limit, X-RateLimit-Remaining, X-DocuSign-TraceToken, Cookie"
Header always set Access-Control-Max-Age "1000"
# Handle preflight requests from the client's browser
RewriteEngine On
# Respond with a 200 SUCCESS on every OPTIONS request.
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]
CacheDisable /
SSLProxyEngine on
RequestHeader set Front-End-Https "On"
# For the demo.docusign.com proxy
ProxyPass / https://demo.docusign.net/
ProxyPassReverse / https://demo.docusign.net/
</VirtualHost>