christianlight/tutor
6
0
Fork 0
mirror of https://github.com/ChristianLight/tutor.git synced 2024-11-10 15:20:56 +00:00
Code Issues Releases Activity

Add CORS config to LMS

Browse Source 
By default, all subdomains of the LMS are allowed.

For reference:
https://enable-cors.org/server_nginx.html
https://stackoverflow.com/questions/54313216/nginx-config-to-enable-cors-with-origin-matching
This commit is contained in:
Régis Behmo 2020-09-04 22:51:40 +02:00
parent b1c7dab03e
commit 055c3cad3f
2 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -4,6 +4,7 @@ Note: Breaking changes between versions are indicated by "💥".
## Unreleased ## Unreleased
- [Improvement] Add CORS basic configuration to LMS for subdomains of the LMS
- [Feature] Add support for `images build --add-host` option (thanks @grinderz!) - [Feature] Add support for `images build --add-host` option (thanks @grinderz!)
- [Bugfix] Fix podman compatibility by replacing `docker-compose rm` command by `docker-compose stop` when stopping containers - [Bugfix] Fix podman compatibility by replacing `docker-compose rm` command by `docker-compose stop` when stopping containers
- [Improvement] Improve plugin data deletion - [Improvement] Improve plugin data deletion

14
tutor/templates/apps/nginx/lms.conf
View File

@ -12,6 +12,11 @@ server {
} }
{% endif %} {% endif %}
map $http_origin $allow_origin {
# Accept requests coming from all subdomains of the LMS host
~^{% if ACTIVATE_HTTPS %}https{% else %}http{% endif %}://.*\.{{ LMS_HOST }}$ $http_origin;
}
server { server {
{% if ACTIVATE_HTTPS %}listen 443 {{ "" if WEB_PROXY else "ssl" }};{% else %}listen 80;{% endif %} {% if ACTIVATE_HTTPS %}listen 443 {{ "" if WEB_PROXY else "ssl" }};{% else %}listen 80;{% endif %}
server_name {{ LMS_HOST }} preview.{{ LMS_HOST }}; server_name {{ LMS_HOST }} preview.{{ LMS_HOST }};
@ -25,8 +30,15 @@ server {
client_max_body_size 4M; client_max_body_size 4M;
server_tokens off; server_tokens off;
# CORS configuration
add_header 'Access-Control-Allow-Origin' '$allow_origin';
add_header 'Access-Control-Allow-Credentials' 'true';
# sampled from edx.org
add_header 'Access-Control-Allow-Headers' 'accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, use-jwt-cookie';
add_header 'Access-Control-Max-Age' 86400;
rewrite ^(.*)/favicon.ico$ /static/images/favicon.ico last; rewrite ^(.*)/favicon.ico$ /static/images/favicon.ico last;
location @proxy_to_lms_app { location @proxy_to_lms_app {
{% if not WEB_PROXY %} {% if not WEB_PROXY %}
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;