From d6a8bbe37b89eb94a7d9fe3d6030900eb5362e8e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Dugat?= Date: Tue, 29 May 2018 08:54:38 +0000 Subject: [PATCH] Nginx vhosts headers update --- .../views/Service/Nginx/vhosts/atmo.conf.twig | 13 +++++++++---- .../views/Service/Nginx/vhosts/cerebro.conf.twig | 13 +++++++++---- .../views/Service/Nginx/vhosts/nodejs.conf.twig | 13 +++++++++---- .../Service/Nginx/vhosts/php-symfony.conf.twig | 13 +++++++++---- .../views/Service/Nginx/vhosts/php.conf.twig | 13 +++++++++---- 5 files changed, 45 insertions(+), 20 deletions(-) diff --git a/src/Application/Resources/views/Service/Nginx/vhosts/atmo.conf.twig b/src/Application/Resources/views/Service/Nginx/vhosts/atmo.conf.twig index f81b8fc..276a8c4 100644 --- a/src/Application/Resources/views/Service/Nginx/vhosts/atmo.conf.twig +++ b/src/Application/Resources/views/Service/Nginx/vhosts/atmo.conf.twig @@ -8,12 +8,17 @@ server { location / { proxy_pass http://{{ forService.identifier }}:1337; - add_header 'Access-Control-Allow-Origin' "$http_origin" always; - add_header 'Access-Control-Allow-Credentials' 'true' always; - add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always; - add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With' always; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS'; + add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,X-IODevice-Token'; + add_header 'Access-Control-Allow-Origin' "$http_origin"; + return 204; } } diff --git a/src/Application/Resources/views/Service/Nginx/vhosts/cerebro.conf.twig b/src/Application/Resources/views/Service/Nginx/vhosts/cerebro.conf.twig index 303107f..0851209 100644 --- a/src/Application/Resources/views/Service/Nginx/vhosts/cerebro.conf.twig +++ b/src/Application/Resources/views/Service/Nginx/vhosts/cerebro.conf.twig @@ -8,12 +8,17 @@ server { location / { proxy_pass http://{{ forService.identifier }}:9000; - add_header 'Access-Control-Allow-Origin' "$http_origin" always; - add_header 'Access-Control-Allow-Credentials' 'true' always; - add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always; - add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With' always; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS'; + add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,X-IODevice-Token'; + add_header 'Access-Control-Allow-Origin' "$http_origin"; + return 204; } } diff --git a/src/Application/Resources/views/Service/Nginx/vhosts/nodejs.conf.twig b/src/Application/Resources/views/Service/Nginx/vhosts/nodejs.conf.twig index ea2c491..31ef8fd 100644 --- a/src/Application/Resources/views/Service/Nginx/vhosts/nodejs.conf.twig +++ b/src/Application/Resources/views/Service/Nginx/vhosts/nodejs.conf.twig @@ -9,12 +9,17 @@ server { location / { proxy_pass http://{{ forService.identifier }}:9000; - add_header 'Access-Control-Allow-Origin' "$http_origin" always; - add_header 'Access-Control-Allow-Credentials' 'true' always; - add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always; - add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With' always; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS'; + add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,X-IODevice-Token'; + add_header 'Access-Control-Allow-Origin' "$http_origin"; + return 204; } } diff --git a/src/Application/Resources/views/Service/Nginx/vhosts/php-symfony.conf.twig b/src/Application/Resources/views/Service/Nginx/vhosts/php-symfony.conf.twig index 30f5d9c..0e97d4e 100644 --- a/src/Application/Resources/views/Service/Nginx/vhosts/php-symfony.conf.twig +++ b/src/Application/Resources/views/Service/Nginx/vhosts/php-symfony.conf.twig @@ -22,12 +22,17 @@ server { fastcgi_param HTTPS off; fastcgi_param REMOTE_ADDR 127.0.0.1; - add_header 'Access-Control-Allow-Origin' "$http_origin" always; - add_header 'Access-Control-Allow-Credentials' 'true' always; - add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always; - add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With' always; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS'; + add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,X-IODevice-Token'; + add_header 'Access-Control-Allow-Origin' "$http_origin"; + return 204; } } diff --git a/src/Application/Resources/views/Service/Nginx/vhosts/php.conf.twig b/src/Application/Resources/views/Service/Nginx/vhosts/php.conf.twig index b72175f..ae3643a 100644 --- a/src/Application/Resources/views/Service/Nginx/vhosts/php.conf.twig +++ b/src/Application/Resources/views/Service/Nginx/vhosts/php.conf.twig @@ -22,12 +22,17 @@ server { fastcgi_param HTTPS off; fastcgi_param REMOTE_ADDR 127.0.0.1; - add_header 'Access-Control-Allow-Origin' "$http_origin" always; - add_header 'Access-Control-Allow-Credentials' 'true' always; - add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always; - add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With' always; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS'; + add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,X-IODevice-Token'; + add_header 'Access-Control-Allow-Origin' "$http_origin"; + return 204; } }