Commit 1f52bee6 authored by Alain Takoudjou's avatar Alain Takoudjou Committed by Administrator

gitlab: set cors header in nginx configuration

when accessing gitlab URL ex: lab.nexedi.com from renderjs, URL is blocked because there is no CORS.
Set cors header directly in nginx configuration, so that it's not required to create custom slave frontend configuration to include Access-Control-Allow-Origin
parent 3da3ffd7
...@@ -101,6 +101,7 @@ configuration.nginx_gzip_comp_level = 2 ...@@ -101,6 +101,7 @@ configuration.nginx_gzip_comp_level = 2
configuration.nginx_gzip_proxied = any configuration.nginx_gzip_proxied = any
configuration.nginx_gzip_types = text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript application/json configuration.nginx_gzip_types = text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript application/json
configuration.nginx_keepalive_timeout = 65 configuration.nginx_keepalive_timeout = 65
configuration.nginx_header_allow_origin = *
# configuring trusted proxies # configuring trusted proxies
# GitLab is behind a reverse proxy, so we don't want the IP address of the proxy # GitLab is behind a reverse proxy, so we don't want the IP address of the proxy
......
...@@ -293,7 +293,7 @@ md5sum = 7782f5c5d75663c2586e28d029c51e49 ...@@ -293,7 +293,7 @@ md5sum = 7782f5c5d75663c2586e28d029c51e49
[gitlab-parameters.cfg] [gitlab-parameters.cfg]
<= download-file <= download-file
md5sum = 9ff67261781092ae4d1096d65927b9f2 md5sum = dec5d989e2d969369bd1eaffcbfb78d6
[gitlab-shell-config.yml.in] [gitlab-shell-config.yml.in]
<= download-template <= download-template
...@@ -325,7 +325,7 @@ md5sum = a56a44e96f65f5ed20211bb6a54279f4 ...@@ -325,7 +325,7 @@ md5sum = a56a44e96f65f5ed20211bb6a54279f4
[nginx-gitlab-http.conf.in] [nginx-gitlab-http.conf.in]
<= download-template <= download-template
md5sum = 37ea159762fe25db2af6b4ac3870d1e3 md5sum = 697140d980c75ddc1dd0a656b1c88447
[nginx.conf.in] [nginx.conf.in]
<= download-template <= download-template
......
...@@ -118,6 +118,8 @@ server { ...@@ -118,6 +118,8 @@ server {
{# we do not support relative URL - path is always "/" #} {# we do not support relative URL - path is always "/" #}
{% set path = "/" %} {% set path = "/" %}
location {{ path }} { location {{ path }} {
# Set CORS header
add_header 'Access-Control-Allow-Origin' {{ cfg('nginx_header_allow_origin') }};
## If you use HTTPS make sure you disable gzip compression ## If you use HTTPS make sure you disable gzip compression
## to be safe against BREACH attack. ## to be safe against BREACH attack.
{{ 'gzip off;' if cfg_https else ''}} {{ 'gzip off;' if cfg_https else ''}}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment