Change your colour scheme

TIL: Allowing CORS for specific subdomains with NGINX


Here’s a quick blog to add to an NGINX config to allow CORS for subdomains, without the wide-open policy you get when using *, taken from this StackOverflow answer:

map $http_origin $allow_origin {
~^https?://(.*\.)?my.domain(:\d+)?$ $http_origin;
default "";

server {
listen 80;
listen [::]:80;

add_header 'Access-Control-Allow-Origin' $allow_origin;

About the author

My face

I'm Lewis Dale, a software engineer and web developer based in the UK. I write about writing software, silly projects, and cycling. A lot of cycling. Too much, maybe.