server-configs-nginx/h5bp/cross-origin/requests.conf

19 lines
739 B
Nginx Configuration File
Raw Permalink Normal View History

# ----------------------------------------------------------------------
# | Cross-origin requests |
# ----------------------------------------------------------------------
# Allow cross-origin requests.
#
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
# https://enable-cors.org/
# https://www.w3.org/TR/cors/
# (!) Do not use this without understanding the consequences.
# This will permit access from any other website.
# Instead of using this file, consider using a specific rule such as
# allowing access based on (sub)domain:
#
# add_header Access-Control-Allow-Origin "subdomain.example.com";
add_header Access-Control-Allow-Origin $cors;