@@ -37,6 +37,16 @@ http {
37
37
proxy_send_timeout 600;
38
38
39
39
#gzip on;
40
+
41
+ # Default: Nginx does not set empty string headers, therefore no header will be set
42
+ # Second regex matches localhost:XXXX
43
+ # This map block tries to match the contents of http_origin against the regexes below.
44
+ # If a regex matches, the value under $allow_origin is put into the $allow_origin variable.
45
+ map "$http_origin" $allow_origin {
46
+ default '';
47
+ "~^https?:\/\/(.*\.)?aldrune.com(:\d+)?$" "$http_origin";
48
+ "~^https?:\/\/(.*\.)?localhost(:\d+)?$" "$http_origin";
49
+ }
40
50
41
51
server {
42
52
listen 80;
@@ -60,14 +70,16 @@ http {
60
70
61
71
root /frontend;
62
72
63
-
64
73
gzip on;
65
74
gzip_vary on;
66
75
gzip_min_length 1000;
67
76
gzip_proxied any;
68
77
gzip_comp_level 9;
69
78
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/javascript text/xml application/xml application/xml+rss;
70
79
80
+ # Allows the origin of the request if it matched any of the regular expressions in the block `map $http_origin $allow_origin`
81
+ add_header 'Access-Control-Allow-Origin' $allow_origin;
82
+
71
83
# Config stuff
72
84
location /nginx_status {
73
85
# Enable Nginx stats
@@ -81,15 +93,13 @@ http {
81
93
# Image files
82
94
location /media/ {
83
95
#CORS
84
- add_header Access-Control-Allow-Origin '*';
85
96
add_header Cache-Control 'public, max-age=604800'; # cache for 1 week
86
97
87
98
alias /imagemedia/;
88
99
}
89
100
90
101
location /campaign_icons/ {
91
102
#CORS
92
- add_header Access-Control-Allow-Origin '*';
93
103
add_header Cache-Control 'public, max-age=604800'; # cache for 1 week
94
104
95
105
alias /imagemedia/campaign_icons/;
@@ -115,7 +125,6 @@ http {
115
125
# Serves audiofiles for streaming
116
126
location /session_audio/ {
117
127
#CORS
118
- add_header Access-Control-Allow-Origin '*';
119
128
alias /session_audio/;
120
129
}
121
130
@@ -132,10 +141,10 @@ http {
132
141
report_uploads uploads;
133
142
}
134
143
135
- location /db_dumps/ {
144
+ location /wiki1/api/db_dumps/ {
145
+
136
146
# Serves files from /db_dumps/ but checks for authentication first
137
147
auth_request /auth ;
138
- add_header Access-Control-Allow-Origin '*';
139
148
add_header Cache-Control 'public, max-age=21600'; # cache for 6h
140
149
alias /db_dumps/;
141
150
}
@@ -155,6 +164,8 @@ http {
155
164
location /wiki1/api {
156
165
rewrite ^/wiki1/api/(.*) /$1 break; #Removes "/wiki1/api" from the url for the web-application-server
157
166
167
+ add_header Access-Control-Allow-Credentials true;
168
+
158
169
proxy_pass http://nswebserver:8080; #Hands request over to localhost:8080 where the web-application server is
159
170
proxy_set_header Host $host;
160
171
proxy_send_timeout 300s;
@@ -167,8 +178,6 @@ http {
167
178
# Serves the frontend which is an angular application
168
179
location /wiki2 {
169
180
# CORS
170
- add_header Access-Control-Allow-Origin '*';
171
-
172
181
# Cache headers
173
182
add_header Cache-Control 'public, max-age=86400'; # cache for 1 day
174
183
0 commit comments