fix: avoid overwriting headers when doing cors

This change renames the cors origin variable, such that http origin stays useable
This commit is contained in:
Nicolai Willems 2023-02-03 11:20:21 +01:00
parent 0a0a3fe258
commit 4f1ca7a3ce
2 changed files with 4 additions and 4 deletions

View file

@ -1788,7 +1788,7 @@ func buildOriginRegex(origin string) string {
func buildCorsOriginRegex(corsOrigins []string) string {
if len(corsOrigins) == 1 && corsOrigins[0] == "*" {
return "set $http_origin *;\nset $cors 'true';"
return "set $cors_origin *;\nset $cors 'true';"
}
var originsRegex string = "if ($http_origin ~* ("
@ -1802,6 +1802,6 @@ func buildCorsOriginRegex(corsOrigins []string) string {
}
}
}
originsRegex = originsRegex + ")$ ) { set $cors 'true'; }"
originsRegex = originsRegex + ")$ ) { set $cors_origin $http_origin;\nset $cors 'true'; }"
return originsRegex
}

View file

@ -930,7 +930,7 @@ stream {
}
if ($cors = "true") {
more_set_headers 'Access-Control-Allow-Origin: $http_origin';
more_set_headers 'Access-Control-Allow-Origin: $cors_origin';
{{ if $cors.CorsAllowCredentials }} more_set_headers 'Access-Control-Allow-Credentials: {{ $cors.CorsAllowCredentials }}'; {{ end }}
more_set_headers 'Access-Control-Allow-Methods: {{ $cors.CorsAllowMethods }}';
more_set_headers 'Access-Control-Allow-Headers: {{ $cors.CorsAllowHeaders }}';
@ -939,7 +939,7 @@ stream {
}
if ($cors = "trueoptions") {
more_set_headers 'Access-Control-Allow-Origin: $http_origin';
more_set_headers 'Access-Control-Allow-Origin: $cors_origin';
{{ if $cors.CorsAllowCredentials }} more_set_headers 'Access-Control-Allow-Credentials: {{ $cors.CorsAllowCredentials }}'; {{ end }}
more_set_headers 'Access-Control-Allow-Methods: {{ $cors.CorsAllowMethods }}';
more_set_headers 'Access-Control-Allow-Headers: {{ $cors.CorsAllowHeaders }}';