| layout | title | date | categories | redirect_from | |
|---|---|---|---|---|---|
post |
Allow both HTTP and HTTPS and multi domain in CORS header on nginx |
2017-09-13 03:51:36 +0200 |
cors nginx |
|
Wanted to allow both HTTP and HTTPS to POST to the API of an old solution I've been maintaining lately. But the Access-Control-Allow-Origin only allows a single domain with strict scheme. This made me look around in the nginx docs again.
Since my site is also answering on multiple domains, this is pretty neat:
server_name example.com www.example.com;
location /api/ {
add_header Access-Control-Allow-Origin "${scheme}://${server_name}";
proxy_pass http://localhost:4242/;
}