Self Hosted - Self-hosting your services.

11197 readers

1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules

No harassment
crossposts from c/Open Source & c/docker & related may be allowed, depending on context
Video Promoting is allowed if is within the topic.
No spamming.
Stay friendly.
Follow the lemmy.ml instance rules.
Tag your post. (Read under)

Important

Beginning of January 1st 2024 this rule WILL be enforced. Posts that are not tagged will be warned and if not fixed within 24h then removed!

Lemmy doesn't have tags yet, so mark it with [Question], [Help], [Project], [Other], [Promoting] or other you may think is appropriate.

Cross-posting

!everything_git@lemmy.ml is allowed!
!docker@lemmy.ml is allowed!
!portainer@lemmy.ml is allowed!
!fediverse@lemmy.ml is allowed if topic has to do with selfhosting.
!selfhosted@lemmy.ml is allowed!

If you see a rule-breaker please DM the mods!

founded 3 years ago

MODERATORS

dogmuffins@lemmy.ml

Zoe8338@lemmy.ml

testman@lemmy.ml

Nginx how enable CORS for multi origins ? (programming.dev)

submitted 3 weeks ago by Rick_C137@programming.dev to c/selfhost@lemmy.ml

1 comments fedilink hide all child comments

cross-posted from: https://programming.dev/post/18360806

Hi everyone,

I would like to enable Cross-Origin Resource Sharing on my Nginx server. for few origins (cors requestor)/domains.

I've found this article https://www.juannicolas.eu/how-to-set-up-nginx-cors-multiple-origins that is nice, but not complete and on my browser seem really hard to read due to the layout 🤮

So I've opened a CodeBerg git repository for the good soul that want to perfect this piece of code the allow the most of use to use CORS with Nginx.

https://codeberg.org/R1ckSanchez_C137/BestOfxxx/src/branch/main/Nginx/CORS_MultiDomains.py

If you don't want to create an account on codeberg feel free to post your code here !

server {
    # Server

    map "$http_origin" $cors { # map in Nginx is somewhat like a switch case in a programming language.
        default ''; #Seem to set $cors to '' empty string if none of the follwing rexeg match ?
        "~^https:\/\/([\w-_\.]+\.)?example.com$" "$http_origin";
            #regex domain match
            # ~ mean I suppose the string is RegEx ?
            # Need to come with a RegEx expression that match https://anything.example.com[optional ports and Query string ?X=Y]
        "~^https:\/\/([\w-_\.]+\.)?example2.com$" "$http_origin"; #regex domain match
        }
               

    location /static {
        
        # if preflight request, we will cache it
        if ($request_method = 'OPTIONS') {
            add_header 'Access-Control-Max-Age' 1728000; #20 days
            add_header 'Content-Type' 'text/plain charset=UTF-8';
            add_header 'Content-Length' 0;
            return 204; #https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/204 }

        if ($cors != "") {
            add_header 'Access-Control-Allow-Origin' "$cors" always; # <-- Variable $cors
            add_header 'Access-Control-Allow-Credentials' 'true' always;
            add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
            add_header 'Access-Control-Allow-Headers' 'Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Requested-With' always;}

       # configuration lines...

    }
}

}

top 1 comments

sorted by: hot top controversial new old

[–] Bourff@lemmy.world 0 points 3 weeks ago

You either allow a single origin, or allow them all with "*".