I have a problem with the fact that when you open a link inside an instgram, the instgram browser opens, and I need the client's default browser to open. Here is what I did and it works on android
if ($http_user_agent ~ '(Android.+Instagram)') {
add_header Content-type application/pdf;
add_header Content-Disposition 'inline; filename=blablabla';
add_header Content-Transfer-Encoding binary;
add_header Accept-Ranges bytes;
return 200;
}
if ($http_user_agent ~ '(Android.+BytedanceWebview)') {
add_header Content-type application/pdf;
add_header Content-Disposition 'inline; filename=blablabla';
add_header Content-Transfer-Encoding binary;
add_header Accept-Ranges bytes;
return 200;
}
how to make it work on ios?
I tried to do like this:
if ($http_user_agent ~ 'Instagram') { add_header Content-type application/pdf; add_header Content-Disposition 'inline; filename=blablabla'; add_header Content-Transfer-Encoding binary; add_header Accept-Ranges bytes; return 200; }
and this condition does not work(
Related
I created a docker container for magento2 and successfully created the container.
Installed the magento2 successfully following these steps in CLI:
1. ./magento setup:config:set --db-host=172.17.0.3 --db-name=mydb --db-user=admin --db-password=password
Database details from another linked mysql container
2. ./magento setup:install --admin-user='new-admin' --admin-password='!admin123!' --admin-email='info#domain.com' --admin-firstn
ame='Jon' --admin-lastname='Doe' --use-rewrites=1
Initially I missed --use-rewrites but added than
This successfully installs the magento2 and displays the success message too. Than Opening the page in browser I had the following error which I fixed by changing the permission.
Warning: file_put_contents(/usr/html/var/cache//mage-tags/mage---196_CONFIG): failed to open stream: Permission denied in /usr/html/vendor/colinmollenhour/cache-backend-file/File.php on line 663
Now when I open the admin url the link automatically gets changed and the error message appears.
This is the error log from docker logs containername.
nginx: [emerg] "location" directive is not allowed here in /etc/nginx/sites-enabled/magento.conf:191
So must be the nginx setup error
/etc/nginx/sites-enabled/magento.conf
upstream fastcgi_backend {
server unix:/run/php7-fpm.sock;
}
server {
listen 80;
server_name localhost;
set $MAGE_ROOT /usr/html;
root $MAGE_ROOT/pub;
index index.php index.html;
autoindex off;
charset UTF-8;
error_page 404 403 = /errors/404.php;
#add_header "X-UA-Compatible" "IE=Edge";
# PHP entry point for setup application
location ~* ^/setup($|/) {
root $MAGE_ROOT;
location ~ ^/setup/index.php {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass fastcgi_backend;
fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off";
fastcgi_param PHP_VALUE "memory_limit=756M \n max_execution_time=600";
fastcgi_read_timeout 600s;
fastcgi_connect_timeout 600s;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ ^/setup/(?!pub/). {
deny all;
}
location ~ ^/setup/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
}
}
# PHP entry point for update application
location ~* ^/update($|/) {
root $MAGE_ROOT;
location ~ ^/update/index.php {
fastcgi_split_path_info ^(/update/index.php)(/.+)$;
fastcgi_pass fastcgi_backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
include fastcgi_params;
}
# Deny everything but index.php
location ~ ^/update/(?!pub/). {
deny all;
}
location ~ ^/update/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
}
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location /pub/ {
location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
deny all;
}
alias $MAGE_ROOT/pub/;
add_header X-Frame-Options "SAMEORIGIN";
}
location /static/ {
# Uncomment the following line in production mode
# expires max;
# Remove signature of the static files that is used to overcome the browser cache
location ~ ^/static/version {
rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
expires +1y;
if (!-f $request_filename) {
rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
}
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
expires off;
if (!-f $request_filename) {
rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
}
}
if (!-f $request_filename) {
rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
}
add_header X-Frame-Options "SAMEORIGIN";
}
location /media/ {
try_files $uri $uri/ /get.php$is_args$args;
location ~ ^/media/theme_customization/.*\.xml {
deny all;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
expires +1y;
try_files $uri $uri/ /get.php$is_args$args;
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
expires off;
try_files $uri $uri/ /get.php$is_args$args;
}
add_header X-Frame-Options "SAMEORIGIN";
}
location /media/customer/ {
deny all;
}
location /media/downloadable/ {
deny all;
}
location /media/import/ {
deny all;
}
# PHP entry point for main application
location ~ (index|get|static|report|404|503|health_check)\.php$ {
try_files $uri =404;
fastcgi_pass fastcgi_backend;
fastcgi_buffers 1024 4k;
fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off";
fastcgi_param PHP_VALUE "memory_limit=756M \n max_execution_time=18000";
fastcgi_read_timeout 600s;
fastcgi_connect_timeout 600s;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
gzip on;
gzip_disable "msie6";
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_proxied any;
gzip_types
text/plain
text/css
text/js
text/xml
text/javascript
application/javascript
application/x-javascript
application/json
application/xml
application/xml+rss
image/svg+xml;
gzip_vary on;
# Banned locations (only reached if the earlier PHP entry point regexes don't match)
location ~* (\.php$|\.htaccess$|\.git) {
deny all;
}
}
This is the /etc/nginx/nginx.conf
user docker;
worker_processes 4;
pid /run/nginx.pid;
daemon off;
events {
worker_connections 768;
use epoll;
multi_accept on;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_requests 10;
keepalive_timeout 300;
types_hash_max_size 2048;
client_body_buffer_size 128K;
client_header_buffer_size 1k;
client_body_temp_path /tmp 1 2;
client_max_body_size 10m;
large_client_header_buffers 4 4k;
output_buffers 1 32k;
postpone_output 1460;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
gzip_disable "msie6";
#therefore there should be default named config not default.conf
#so made a change
include /etc/nginx/sites-enabled/*.conf;
The main page is running
give file permission for /var/html/{magento_folder/file giving issue} as
sudo chown -R www-data:www-data /var/html/{magento_folder/file giving issue}
Running a ruby on rails application but have wordpress integrated under the /blog on the domain.
The problem I'm having is that none of the asset files are served correctly under the /blog url.
The wordpress php files are routed correctly and work. The issue is that I'm trying to route the wordpress theme and plugin files, namely css and js files to the /blog folder. However I'm getting 404 for the static files served under /blog so I think I have a misconfiguration in my nginx conf file.
Current nginx configuration:
server {
listen 3000;
server_name myapp.com;
access_log off;
location /blog {
location ~* ^.+\.(jpg|jpeg|gif|png|css|bmp|js|ico|swf)$ {
expires max;
access_log off;
add_header Cache-Control public;
root /var/www/wordpress/current/blog;
break;
}
root /var/www/wordpress/current/blog;
index index.php index.html index.htm;
rewrite ^/blog/(.*)$ /blog/$1 break;
try_files $uri $uri/ /index.php?$args;
}
location ~* ^.+\.(jpg|jpeg|gif|png|css|bmp|js|ico|swf)$ {
root /u/apps/myapp/current/public;
expires max;
}
if (-f $request_filename.html) {
rewrite (.*) $1.html break;
}
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires max;
access_log off;
add_header Cache-Control public;
root /u/apps/myapp/current/public;
break;
}
client_max_body_size 50M;
root /u/apps/myapp/current/public;
access_log off;
passenger_ruby /home/deploy/.rvm/gems/ruby-2.3.3#myapp/wrappers/ruby;
passenger_enabled on;
passenger_max_request_queue_size 200;
rails_env production;
if ($host != 'myapp.com') {
rewrite ^/(.*)$ http://myapp.com/$1 permanent;
}
location ~* ^/assets/ {
expires 1y;
add_header Cache-Control public;
add_header Last-Modified "";
add_header ETag "";
break;
}
error_page 500 504 /500.html;
location = /500.html {
root /u/apps/myapp/current/public;
}
error_page 502 503 /503.html;
location = /503.html {
root /u/apps/myapp/current/public;
}
error_page 404 /404.html;
location = /50x.html {
root html;
}
location ~ .*\.php$ {
root /var/www/wordpress/current;
#fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_param HTTPS 'on';
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
}
location ~* "^.*?\.(eot)|(ttf)|(woff)$" {
add_header Access-Control-Allow-Origin *;
}
}
There is a difference between root and alias, I think you're looking for alias in this situation.
When you use root nginx appends the URI to the path, so using root /var/www/wordpress/current/blog; will cause this to be the root directory for the request, which means navigating to /blog/css/style.css will cause nginx to look for /var/www/wordpress/current/blog/blog/css/style.css.
If you use an alias instead, then nginx will map the uri to the directory:
alias /var/www/wordpress/current/blog;
When you navigate to /blog/css/style.css nginx will remove the prefix and serve the file from /var/www/wordpress/current/blog/css/style.css, it seems you're attempting to do this with a rewrite however your rewrite is rewriting the request to the same uri.
In the situation the URL doesn't work your error_log should be your friend, it'll tell you exactly where it's looking:
2017/06/15 13:04:19 [error] 43391#0: *1786 open()
"/var/www/wordpress/current/blog/blog/css/styles.css" failed
(2: No such file or directory), client: 127.0.0.1, server: myapp.com,
request: "GET /blog/css/styles.css HTTP/1.1", host: "myapp.com:3000"
Changing this to alias throws an error for me (because I don't have your directory structure) but it shows how the location changes:
2017/06/15 13:06:12 [error] 43582#0: *1787 open()
"/var/www/wordpress/current/blog/css/styles.css" failed
(2: No such file or directory), client: 127.0.0.1, server: myapp.com,
request: "GET /blog/css/styles.css HTTP/1.1", host: "myapp.com:3000"
You also don't have a lot of duplicate directives, you only need to define the them once as they are inherited by children, this can clean up your configuration file a lot making it easier to switch things around in the future:
server {
client_max_body_size 50M;
listen 3000;
server_name myapp.com;
access_log off;
root /u/apps/myapp/current/public; # default root, use this unless specified otherwise
error_page 500 504 /500.html;
error_page 502 503 /503.html;
error_page 404 /404.html;
location /blog {
alias /var/www/wordpress/current/blog; # overwrite the default root for this entire block
index index.php index.html index.htm;
try_files $uri $uri/ /index.php?$args;
location ~* ^.+\.(jpg|jpeg|gif|png|css|bmp|js|ico|swf)$ {
expires max;
add_header Cache-Control public;
break;
}
}
location ~* ^.+\.(jpg|jpeg|gif|png|css|bmp|js|ico|swf)$ {
expires max;
}
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires max;
add_header Cache-Control public;
break;
}
location ~* "^.*?\.(eot)|(ttf)|(woff)$" {
add_header Access-Control-Allow-Origin *;
}
if (-f $request_filename.html) {
rewrite (.*) $1.html break;
}
if ($host != 'myapp.com') {
rewrite ^/(.*)$ http://myapp.com/$1 permanent;
}
location ~* ^/assets/ {
expires 1y;
add_header Cache-Control public;
add_header Last-Modified "";
add_header ETag "";
break;
}
location = /50x.html {
root html; # overwrite the default root for this
}
location ~ .*\.php$ {
root /var/www/wordpress/current; # overwrite the default root, because this doesn't have /blog on the end it will properly map to /var/www/wordpress/current/blog when /blog is accessed
#fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_param HTTPS 'on';
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
}
# this block is only processed if nothing else matches
location / {
passenger_ruby /home/deploy/.rvm/gems/ruby-2.3.3#myapp/wrappers/ruby;
passenger_enabled on;
passenger_max_request_queue_size 200;
rails_env production;
}
}
Nginx default configuration file - /etc/nginx/sites-available/foo
upstream puma {
server unix:///var/www/foo/shared/tmp/sockets/foo-puma.sock;
}
server {
listen 80;
listen [::]:80;
server_name foo.com;
if ($http_user_agent ~* (easou|Gimme60bot) ) {
return 403;
}
root /var/www/foo/current/public;
client_max_body_size 15M;
keepalive_timeout 10;
location ~ ^/(images|stylesheets|javascripts|fonts) {
expires max;
add_header Cache-Control public;
add_header Access-Control-Allow-Origin *;
}
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
location ~* ^.*system.*\.(ico|css|js|gif|jpe?g|png)(\?[0-9]+)?$ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
}
[error] 10400#10400: *2 directory index of "/var/www/foo/current/public/" is forbidden, client: 10.16.10.20, server: foo.com, request: "GET / HTTP/1.1", host: "www.foo.com", referrer: "http://www.foo.com/"
I also try to change current/public directory permission but it's not worked.
sudo chown -R www-data:www-data /var/www/foo/current/public
OR
sudo chown -R deploy:deploy /var/www/foo/current/public
I am having an issue with my NGINX+Passenger+Rails setup. One requests takes forever to run and is not canceled. I am not sure what is the reason, I have no errors in my error.log file.
Surprisingly if I switch to Puma as a webserver everything is working fine.
The code that causes the issue in my application is marked with a comment:
def build_redirect_url
raise ArgumentError.new("not implemented for provider") if checkout_settings[:package_provider] != "expedia_click_and_mix"
opts = {
:hotels => [hotel],
:from_date => from_date,
:to_date => to_date,
:from_airport_code => from_airport.code,
:to_airport_code => to_airport.code,
:number_of_adults => number_of_adults.to_i,
:cache => false,
:piid => checkout_settings[:unique_identifier]
}
# the below line never finishes. takes like 30 seconds
searcher = PackageKraken::ListKraken::HotelGrouper.new(opts)
details_url = searcher.search.first.details_url
filter_id = search_filter_setting.id
build_filter_redirect_url(filter_id, "expedia_click_and_mix", hotel.id, details_url)
end
We never make it past the searcher = line. It seems the process dies before. So what I did is check my nginx log file for issues, but I only have this. Hoever it seems to have a 499 error code.
This is what I have in my log file:
79.236.111.56 - - [02/Nov/2016:14:28:30 +0100] "GET /packages/package_redirect_url?checkout_settings=%7B%22package_identifier%22%3A%22v5-8a5c783c4b614f2d8018117d4c7fa1f5-8-8-1%22
%2C%22package_provider%22%3A%22expedia_click_and_mix%22%7D&from_airport_id=b2ccff00-2186-482e-a74f-6892c8fd7f77&from_date=2016-11-09+01%3A00%3A00+%2B0100&hotel_id=14245&number_of
_adults=1&to_airport_id=aabc5cd4-36e6-45c9-b027-e0ed4b209414&to_date=2016-11-15+01%3A00%3A00+%2B0100 HTTP/1.1" 499 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_1) AppleWeb
Kit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36"
Here is my site config for the website:
server {
listen 80;
server_name tripl.de www.tripl.de;
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name tripl.de;
ssl on;
ssl_certificate /etc/nginx/ssl/wildcard-cert.crt;
ssl_certificate_key /etc/nginx/ssl/wildcard-cert.key;
return 301 https://www.tripl.de$request_uri;
}
# Production server
server {
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout 600;
listen 443;
server_name www.tripl.de;
ssl on;
ssl_certificate /etc/nginx/ssl/wildcard-cert.crt;
ssl_certificate_key /etc/nginx/ssl/wildcard-cert.key;
client_max_body_size 4G;
keepalive_timeout 60;
passenger_enabled on;
root /home/deployer/app_production/current/public;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
location / {
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
#
# Custom headers and headers various browsers *should* be OK with but aren't
#
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
#
# Tell client that this pre-flight info is valid for 20 days
#
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
if ($request_method = 'POST') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
if ($request_method = 'GET') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
}
}
And this is what I have in my passenger.conf:
passenger_root /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini;
passenger_ruby /home/deployer/.rbenv/shims/ruby;
Any ideas what could be wrong?
Thanks
The problem was me using Celluloid in some area. Apparently passenger does not like spawning new threads.
Hello I need to make json requests from Backbone to an API (I have control over server-side)..
I keep getting the Access-Control-Allow-Origin, although response headers looks fine.
Here are Nginx settings:
location / {
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
if ($request_method = 'POST') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
if ($request_method = 'GET') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
passenger_enabled on;
}
here are the request / response headers from console:
Request headers
DNT: 1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/534.57.7 (KHTML, like Gecko) Version/5.1.7 Safari/534.57.7
Accept: */*;q=0.5, text/javascript, application/javascript, application/ecmascript, application/x-ecmascript
Referer: http://<address>/
Response Headers
Access-Control-Request-Method: *
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 3.0.14
Transfer-Encoding: Identity
Status: 200
Connection: keep-alive
X-Request-Id: 2917f130c8699182ee9cdc047c1926fe
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.455212
Server: nginx/1.2.2 + Phusion Passenger 3.0.14 (mod_rails/mod_rack)
Etag: "346cee46bab7061e866fa064df95c845"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: _y_app_session=BAh7CEkiD3Nlc3Npb25faWQGOgZFRkkiJWE2Zjg3YWQ0NDFjZWNiM2VmNTg2ZDhiYmIyOGFlYmIwBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMUxBSzFKTDJQWG1sa2dhbXRLM2ptQmxjenRkZEdJeVh1MDFhaUVuaXE1dFE9BjsARkkiCmZsYXNoBjsARm86JUFjdGlvbkRpc3BhdGNoOjpGbGFzaDo6Rmxhc2hIYXNoCToKQHVzZWRvOghTZXQGOgpAaGFzaHsAOgxAY2xvc2VkRjoNQGZsYXNoZXN7CDoLbm90aWNlMDoLZXJyb3JzMDoKZXJyb3IwOglAbm93MA%3D%3D--648ffcb1b2869f1da57773459307ca1ac5fb8bfb; path=/; HttpOnly
Access-Control-Allow-Headers: *
* UPDATE *
I am currently using http://github.com/yaoweibin/nginx_cross_origin_module and it allows me to make requests from console.
I have set up the nginx as in instructions in the repo above.
cors on;
cors_max_age 3600;
cors_origin_list unbounded;
cors_method_list GET HEAD PUT POST;
cors_header_list unbounded;
server {
## Server stuff..
# passenger stuff
}
So I can do:
var xhr = new XMLHttpRequest()
xhr.open('GET', 'http://www.api.com/plots.json')
xhr.send();
When I do fetch via Backbone with the model that has 'http://www.api.com/plots.json' as url I get Same origin errors.
** UPDATE **
So I switched to more_set_headers and can do .fetch() now... Still cannot make POST or do collection.create();
Here is the latest Nginx setup:
server {
listen 80;
server_name api.app.com;
root /home/ubuntu/app/current/public;
passenger_enabled on;
location / {
if ($request_method = 'OPTIONS') {
more_set_headers 'Access-Control-Allow-Origin: *';
more_set_headers "Access-Control-Allow-Methods: OPTIONS, GET, PUT, DELETE, POST";
more_set_headers "Access-Control-Allow-Headers: x-requested-with";
more_set_headers "Access-Control-Max-Age: 1728000";
more_set_headers 'Content-Type: text/plain; charset=UTF-8';
more_set_headers 'application/json; charset=utf-8';
return 200;
}
if ($request_method = 'POST') {
more_set_headers "Access-Control-Allow-Origin: http://vidoai.com";
more_set_headers "Access-Control-Allow-Methods: GET, POST, OPTIONS";
more_set_headers 'Access-Control-Allow-Headers: DNT, X-Mx-ReqToken, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type';
more_set_headers 'Content-Type: application/json, text/javascript, */*';
}
passenger_enabled on;
}
if ($request_method !~ ^(GET|HEAD|POST|PUT|DELETE)$ ) {
return 444; # block requests that Rails doesn't handle
}
}
What am I missing??
In this line:
if ($request_method !~ ^(GET|HEAD|POST|PUT|DELETE)$ ) {}
You should add OPTIONS too because that is what Backbone would be using probably and you have it defined in your location as well.