From 4f1ca7a3ce8756f71500f79541a6bbe62a0e2efc Mon Sep 17 00:00:00 2001
From: Nicolai Willems <niw@digiseg.io>
Date: Fri, 3 Feb 2023 11:20:21 +0100
Subject: [PATCH] fix: avoid overwriting headers when doing cors

This change renames the cors origin variable, such that http origin stays useable
---
 internal/ingress/controller/template/template.go | 4 ++--
 rootfs/etc/nginx/template/nginx.tmpl             | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/internal/ingress/controller/template/template.go b/internal/ingress/controller/template/template.go
index 315262150..59f5f9b57 100644
--- a/internal/ingress/controller/template/template.go
+++ b/internal/ingress/controller/template/template.go
@@ -1788,7 +1788,7 @@ func buildOriginRegex(origin string) string {
 
 func buildCorsOriginRegex(corsOrigins []string) string {
 	if len(corsOrigins) == 1 && corsOrigins[0] == "*" {
-		return "set $http_origin *;\nset $cors 'true';"
+		return "set $cors_origin *;\nset $cors 'true';"
 	}
 
 	var originsRegex string = "if ($http_origin ~* ("
@@ -1802,6 +1802,6 @@ func buildCorsOriginRegex(corsOrigins []string) string {
 			}
 		}
 	}
-	originsRegex = originsRegex + ")$ ) { set $cors 'true'; }"
+	originsRegex = originsRegex + ")$ ) { set $cors_origin $http_origin;\nset $cors 'true'; }"
 	return originsRegex
 }
diff --git a/rootfs/etc/nginx/template/nginx.tmpl b/rootfs/etc/nginx/template/nginx.tmpl
index 958397dd5..ef3013aa0 100755
--- a/rootfs/etc/nginx/template/nginx.tmpl
+++ b/rootfs/etc/nginx/template/nginx.tmpl
@@ -930,7 +930,7 @@ stream {
      }
 
      if ($cors = "true") {
-        more_set_headers 'Access-Control-Allow-Origin: $http_origin';
+        more_set_headers 'Access-Control-Allow-Origin: $cors_origin';
         {{ if $cors.CorsAllowCredentials }} more_set_headers 'Access-Control-Allow-Credentials: {{ $cors.CorsAllowCredentials }}'; {{ end }}
         more_set_headers 'Access-Control-Allow-Methods: {{ $cors.CorsAllowMethods }}';
         more_set_headers 'Access-Control-Allow-Headers: {{ $cors.CorsAllowHeaders }}';
@@ -939,7 +939,7 @@ stream {
      }
 
      if ($cors = "trueoptions") {
-        more_set_headers 'Access-Control-Allow-Origin: $http_origin';
+        more_set_headers 'Access-Control-Allow-Origin: $cors_origin';
         {{ if $cors.CorsAllowCredentials }} more_set_headers 'Access-Control-Allow-Credentials: {{ $cors.CorsAllowCredentials }}'; {{ end }}
         more_set_headers 'Access-Control-Allow-Methods: {{ $cors.CorsAllowMethods }}';
         more_set_headers 'Access-Control-Allow-Headers: {{ $cors.CorsAllowHeaders }}';