Nginx – How to add Access-Control-Allow-Origin header in NGINX for one specific domain

corsnginx

I have problem with my nginx configuration. I want to add Access-Control-Allow-Origin header in nginx config, for one domain but for both http and https

I tried this configuration, but it doesn't work:

add_header 'Access-Control-Allow-Origin' "https://example.com http://example.com" always;

I get error response from browser:

The 'Access-Control-Allow-Origin' header contains multiple values 'https://example.com http://example.com', but only one is allowed. Have the server send the header with a valid value ?

Best Answer

Use nginx's $scheme variable

$scheme

request scheme, “http” or “https”

add_header 'Access-Control-Allow-Origin' "${scheme}://example.com" always;

Related Solutions

Nginx – How to add Access-Control-Allow-Origin in NGINX

Nginx has to be compiled with http://wiki.nginx.org/NginxHttpHeadersModule (default on Ubuntu and some other Linux distros). Then you can do this

location ~* \.(eot|ttf|woff|woff2)$ {
    add_header Access-Control-Allow-Origin *;
}

Nginx – Node.js + Nginx Access-Control-Allow-Origin not working

Solved my own problem. Replaced

add_header

with

proxy_set_header

Best Answer

Related Solutions

Nginx – How to add Access-Control-Allow-Origin in NGINX

Nginx – Node.js + Nginx Access-Control-Allow-Origin not working

Related Topic