diff options
| author | Oscar Najera <hi@oscarnajera.com> | 2025-02-09 20:23:10 +0100 |
|---|---|---|
| committer | Oscar Najera <hi@oscarnajera.com> | 2025-02-09 20:23:10 +0100 |
| commit | 756fc597d9e4a77588341ce20cb9f28c8e9422af (patch) | |
| tree | 68a3d387428a313c80354cb4cc05cfe40695c892 /webstats/readme.org | |
| parent | 5db6afef2702a9ad0e175df8675dee4607d8476f (diff) | |
| download | scratch-756fc597d9e4a77588341ce20cb9f28c8e9422af.tar.gz scratch-756fc597d9e4a77588341ce20cb9f28c8e9422af.tar.bz2 scratch-756fc597d9e4a77588341ce20cb9f28c8e9422af.zip | |
setup cors
Diffstat (limited to 'webstats/readme.org')
| -rw-r--r-- | webstats/readme.org | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/webstats/readme.org b/webstats/readme.org index d3908e9..a720673 100644 --- a/webstats/readme.org +++ b/webstats/readme.org @@ -18,3 +18,23 @@ $HTTP["url"] =~ "^/stats/" { } #+end_src + +Setting up CORS +#+begin_src conf +server.modules += ( "mod_setenv" ) + # For CORS we need to allow all origins + setenv.add-response-header += ( + "Access-Control-Allow-Origin" => "*", + "Access-Control-Allow-Credentials" => "true" + ) + # For CORS OPTIONS requests we should say which methods are allowed + $HTTP["request-method"] == "OPTIONS" { + setenv.add-response-header += ( + "Access-Control-Allow-Methods" => "GET, POST, OPTIONS", + "Access-Control-Expose-Headers" => "Content-Range, Date, Etag, Cache-Control, Last-Modified", + "Access-Control-Allow-Headers" => "Content-Type, Origin, Accept, Range, Cache-Control", + "Access-Control-Max-Age" => "600", + "Timing-Allow-Origin" => "*" + ) + } +#+end_src |