Allow all Access-Control-Allow-Headers


I have a nginx in front of many differrents web applications. At this
time a
have a generic configuration for all applications.
Now I need to allow all Access-Control-Allow-Headers but I did not find
to do this.

One of the web application behind my nginx reverse proxy set custom
At this time i create a specific nginx configuration file for this
application with configuration :

if ($request_method = 'OPTIONS') {
    add_header 'Access-Control-Allow-Origin' '*';
    add_header 'Access-Control-Allow-Credentials' 'true';
    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
    add_header 'Access-Control-Allow-Headers'

add_header ‘Access-Control-Max-Age’ 1728000;
add_header ‘Content-Type’ ‘text/plain charset=UTF-8’;
add_header ‘Content-Length’ 0;
return 204;

But I don’t like this solution because I need to have a generic
configuration for all web applications behind the nginx.

Is it possible to allow all “Access-Control-Allow-Headers” for all

Thanks for your reply.


Posted at Nginx Forum: