0

I added the Access-Control-Allow-Origin under the server section. That works as expected for any 'images'. When I call the 'canonical link' (1.pdf) the Access-Control-Allow-Origin is missing in the response. Why? And how can that be solved?

I don't want do add this line to all of my canonical links.

server {
    server_name myserver.de;
    listen 10.11.12.13:443 ssl http2;
    access_log /var/log/nginx/ssl_access.log;
    error_log /var/log/nginx/ssl_error.log error;

    add_header 'Access-Control-Allow-Origin' 'https://foo.bar';

    location / {
        root /data/images/;

        location ~ (.*)/1.pdf$ {
            #add_header 'Access-Control-Allow-Origin' 'https://foo.bar';
            add_header Link "<http://foo.bar/a-pdf>; rel=\"canonical\"";
        }
    }
Improve this question
0

1 Answer 1

Reset to default
5

There could be several add_header directives. These directives are inherited from the previous level if and only if there are no add_header directives defined on the current level.

You can use ngx_headers_more module to solve this problem

If you don't want to use above module, try something like this

server {
    set $headerA 'https://foo.bar';
    set $headerB "";

    if (something) {
            set $headerB "something";
    }

    add_header 'Access-Control-Allow-Origin' $headerA;
    add_header Link $headerB;
}

Only use add_header in the server block and remove all add_header from location block. Note that Link would not be returned if headerB is empty

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

So If I don't install this ngx_headers_more extension, I 've to add the 'add_header' to every other location? I've ~ 50 canonical links...

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.