discours.io/core
5
0
Fork 0
Code Pull Requests Actions Projects Activity

corsfix4

Browse Source
This commit is contained in:
Untone 2024-12-17 20:06:15 +03:00
parent 0923dc61d6
commit daf5336410
2 changed files with 23 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/features.md
View File

@ -26,10 +26,10 @@
## CORS Configuration ## CORS Configuration
- Поддерживаются домены: - Поддерживаются домены:
- localhost (включая поддомены и порты) - *.dscrs.site (включая testing.dscrs.site, core.dscrs.site)
- *.dscrs.site (включая testing.dscrs.site) - *.discours.io (включая testing.discours.io)
- *.discours.io - localhost (включая порты)
- Поддерживаемые методы: GET, POST, OPTIONS - Поддерживаемые методы: GET, POST, OPTIONS
- Настроена поддержка credentials - Настроена поддержка credentials
- Настроена обработка preflight-запросов - Разрешенные заголовки: Authorization, Content-Type, X-Requested-With, DNT, Cache-Control
- Настроено кэширование preflight-ответов на 20 дней (1728000 секунд) - Настроено кэширование preflight-ответов на 20 дней (1728000 секунд)

31
nginx.conf.sigil
View File

@ -1,16 +1,13 @@
{{ $proxy_settings := "proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_set_header Host $http_host; proxy_set_header X-Request-Start $msec;" }} {{ $proxy_settings := "proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_set_header Host $http_host; proxy_set_header X-Request-Start $msec;" }}
{{ $gzip_settings := "gzip on; gzip_min_length 1100; gzip_buffers 4 32k; gzip_types text/css text/javascript text/xml text/plain text/x-component application/javascript application/x-javascript application/json application/xml application/rss+xml font/truetype application/x-font-ttf font/opentype application/vnd.ms-fontobject image/svg+xml; gzip_vary on; gzip_comp_level 6;" }} {{ $gzip_settings := "gzip on; gzip_min_length 1100; gzip_buffers 4 32k; gzip_types text/css text/javascript text/xml text/plain text/x-component application/javascript application/x-javascript application/json application/xml application/rss+xml font/truetype application/x-font-ttf font/opentype application/vnd.ms-fontobject image/svg+xml; gzip_vary on; gzip_comp_level 6;" }}
{{ $cors_headers_options := "if ($request_method = 'OPTIONS') { add_header 'Access-Control-Allow-Origin' '$allow_origin' always; add_header 'Access-Control-Allow-Credentials' 'true' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always; add_header 'Access-Control-Max-Age' 1728000 always; add_header 'Content-Type' 'text/plain; charset=utf-8'; add_header 'Content-Length' 0; return 204; }" }}
{{ $cors_headers_post := "if ($request_method = 'POST') { add_header 'Access-Control-Allow-Origin' '$allow_origin' always; add_header 'Access-Control-Allow-Credentials' 'true' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always; add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always; }" }}
{{ $cors_headers_get := "if ($request_method = 'GET') { add_header 'Access-Control-Allow-Origin' '$allow_origin' always; add_header 'Access-Control-Allow-Credentials' 'true' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always; add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always; }" }}
map $http_origin $allow_origin { map $http_origin $allow_origin {
"https://testing.dscrs.site" "https://testing.dscrs.site"; "https://testing.dscrs.site" "https://testing.dscrs.site";
"https://testing.discours.io" "https://testing.discours.io";
"https://core.dscrs.site" "https://core.dscrs.site"; "https://core.dscrs.site" "https://core.dscrs.site";
"~^https?://localhost(:[0-9]+)?$" $http_origin;
"~^https?://(.*\.)?dscrs\.site$" $http_origin; "~^https?://(.*\.)?dscrs\.site$" $http_origin;
"~^https?://(.*\.)?discours\.io$" $http_origin; "~^https?://(.*\.)?discours\.io$" $http_origin;
"~^https?://localhost(:[0-9]+)?$" $http_origin;
default ""; default "";
} }
@ -56,19 +53,19 @@ server {
{{ $proxy_settings }} {{ $proxy_settings }}
{{ $gzip_settings }} {{ $gzip_settings }}
add_header 'Access-Control-Allow-Origin' $allow_origin always; if ($allow_origin != "") {
add_header 'Access-Control-Allow-Credentials' 'true' always; add_header "Access-Control-Allow-Origin" $allow_origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; add_header "Access-Control-Allow-Credentials" "true" always;
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always; add_header "Access-Control-Allow-Methods" "GET, POST, OPTIONS" always;
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always; add_header "Access-Control-Allow-Headers" "Authorization, Content-Type, X-Requested-With, DNT, Cache-Control" always;
}
if ($request_method = 'OPTIONS') { if ($request_method = "OPTIONS") {
add_header 'Access-Control-Allow-Origin' $allow_origin always; add_header "Access-Control-Allow-Origin" $allow_origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; add_header "Access-Control-Allow-Credentials" "true" always;
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always; add_header "Access-Control-Allow-Methods" "GET, POST, OPTIONS" always;
add_header 'Access-Control-Max-Age' 1728000 always; add_header "Access-Control-Allow-Headers" "Authorization, Content-Type, X-Requested-With, DNT, Cache-Control" always;
add_header 'Content-Type' 'text/plain charset=UTF-8'; add_header "Access-Control-Max-Age" 1728000;
add_header 'Content-Length' 0;
return 204; return 204;
} }