LD
Change your colour scheme

TIL: Allowing CORS for specific subdomains with NGINX

Published:

Here’s a quick blog to add to an NGINX config to allow CORS for subdomains, without the wide-open policy you get when using *, taken from this StackOverflow answer:

map $http_origin $allow_origin {
    ~^https?://(.*\.)?my.domain(:\d+)?$ $http_origin;
    default "";
}

server {
	listen 80;
	listen [::]:80;
	...
	
	add_header 'Access-Control-Allow-Origin' $allow_origin;

About the author

My face

I'm Lewis Dale, a software engineer and web developer based in the UK. I write about writing software, silly projects, and cycling. A lot of cycling. Too much, maybe.

Responses