diff options
author | lassulus <git@lassul.us> | 2023-09-03 12:09:51 +0200 |
---|---|---|
committer | lassulus <git@lassul.us> | 2023-09-03 12:09:51 +0200 |
commit | fd5615dd2234b2e63850d8f509499a718fe53b2b (patch) | |
tree | bed4f0c969343b99af817c85a8e2ead8259de05a | |
parent | c1b812509e476a445fcf3dc6e56bff2d0eed2d9c (diff) |
l paste: try to fix CORS
-rw-r--r-- | lass/2configs/paste.nix | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/lass/2configs/paste.nix b/lass/2configs/paste.nix index 87768a452..86f0dba15 100644 --- a/lass/2configs/paste.nix +++ b/lass/2configs/paste.nix @@ -10,8 +10,8 @@ with import <stockholm/lib>; proxy_pass http://127.0.0.1:${toString config.krebs.htgen.cyberlocker.port}; ''; extraConfig = '' - add_header 'Access-Control-Allow-Origin' '*'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + add_header Access-Control-Allow-Origin * always; + add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS'; ''; }; services.nginx.virtualHosts.paste = { @@ -48,8 +48,8 @@ with import <stockholm/lib>; proxy_pass http://127.0.0.1:${toString config.krebs.htgen.cyberlocker.port}; ''; extraConfig = '' - add_header 'Access-Control-Allow-Origin' '*'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + add_header Access-Control-Allow-Origin * always; + add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always; ''; }; services.nginx.virtualHosts."p.krebsco.de" = { @@ -57,6 +57,10 @@ with import <stockholm/lib>; addSSL = true; serverAliases = [ "p.krebsco.de" ]; locations."/".extraConfig = '' + if ($request_method = 'OPTIONS') { + return 204; + } + client_max_body_size 4G; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://127.0.0.1:${toString config.krebs.htgen.paste.port}; @@ -75,8 +79,9 @@ with import <stockholm/lib>; proxy_pass_header Server; ''; extraConfig = '' - add_header 'Access-Control-Allow-Origin' '*'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + add_header Access-Control-Allow-Headers Authorization always; + add_header Access-Control-Allow-Origin * always; + add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always; ''; }; |