server-configs-nginx/h5bp/cross-origin/requests.conf

# ----------------------------------------------------------------------
# | Cross-origin requests                                              |
# ----------------------------------------------------------------------

# Allow cross-origin requests.
#
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
# https://enable-cors.org/
# https://www.w3.org/TR/cors/

# (!) Do not use this without understanding the consequences.
#     This will permit access from any other website.
#
# Instead of using this file, consider using a specific rule such as:
#
# Allow access based on [sub]domain:
#    add_header Access-Control-Allow-Origin "subdomain.example.com";

add_header Access-Control-Allow-Origin "*";
Split directives to enforce atomic structure * Enforce H5BP style * Improve inline documentation to simplify maintenance * Prepare v3 2018-11-23 17:14:15 +01:00			`# ----------------------------------------------------------------------`
			`# \| Cross-origin requests \|`
			`# ----------------------------------------------------------------------`

			`# Allow cross-origin requests.`
			`#`
			`# https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS`
			`# https://enable-cors.org/`
			`# https://www.w3.org/TR/cors/`

			`# (!) Do not use this without understanding the consequences.`
			`# This will permit access from any other website.`
			`#`
			`# Instead of using this file, consider using a specific rule such as:`
			`#`
			`# Allow access based on [sub]domain:`
			`# add_header Access-Control-Allow-Origin "subdomain.example.com";`

			`add_header Access-Control-Allow-Origin "*";`