Corrected regex for credentials CORS

LEARNER-568

Corrected regex for credentials CORS
LEARNER-568
a9bb5336 · Clinton Blackburn · 54dbb8e0 · a9bb5336
Commit a9bb5336 authored Apr 13, 2017 by Clinton Blackburn
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

playbooks/roles/credentials/templates/edx/app/nginx/sites-available/credentials.j2
+2 -2

No files found.
--- a/playbooks/roles/credentials/templates/edx/app/nginx/sites-available/credentials.j2
+++ b/playbooks/roles/credentials/templates/edx/app/nginx/sites-available/credentials.j2
@@ -17,7 +17,7 @@ upstream credentials_app_server {

 map $http_origin $cors_header {
  default "";
-  '~*^https?://({{ CREDENTIALS_CORS_ORIGIN_WHITELIST|join('|')|replace('.', '\.') }})$' "$http_origin";
+  '~*^https?://({{ CREDENTIALS_CORS_ORIGIN_WHITELIST|join('|')|replace('.', '\.') }})' "$http_origin";
 }

 server {
@@ -44,7 +44,7 @@ server {

  location ~ ^{{ CREDENTIALS_STATIC_URL }}(?P<file>.*) {
    if ($request_method = 'OPTIONS') {
-      add_header 'Access-Control-Allow-Origin' "$cors_header";
+      add_header 'Access-Control-Allow-Origin' "$cors_header" always;
      add_header 'Access-Control-Allow-Methods' 'GET, POST';
      add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
      add_header 'Access-Control-Max-Age' 1728000;