Allow all Access-Control-Allow-Headers

Detlef_R · May 20, 2015, 10:42am

Hi,

I have a nginx in front of many differrents web applications. At this
time a
have a generic configuration for all applications.
Now I need to allow all Access-Control-Allow-Headers but I did not find
how
to do this.

One of the web application behind my nginx reverse proxy set custom
headers.
At this time i create a specific nginx configuration file for this
application with configuration :

if ($request_method = 'OPTIONS') {
    add_header 'Access-Control-Allow-Origin' '*';
    add_header 'Access-Control-Allow-Credentials' 'true';
    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
    add_header 'Access-Control-Allow-Headers'

‘traceId,channel,callerId,version,type’;
add_header ‘Access-Control-Max-Age’ 1728000;
add_header ‘Content-Type’ ‘text/plain charset=UTF-8’;
add_header ‘Content-Length’ 0;
return 204;
}

But I don’t like this solution because I need to have a generic
configuration for all web applications behind the nginx.

Is it possible to allow all “Access-Control-Allow-Headers” for all
request
?

Thanks for your reply.

Regards.

Posted at Nginx Forum: