I am pretty frustrated with this as I can not seem to figure out why this is happening.
I have a Django webapp that was working fine. When I tried changing the worker_connections I started getting CORS issues. I revereted the number and still get CORS issue.
My nginx config looks like below
upstream backend {
#ip_hash;
#server 38.106.79.195;
server unix:/home/www/api.to/app.sock;
}
server {
server_name api.pdf.to;
client_max_body_size 10000m;
gzip_disable "msie6";
access_log off;
error_log on;
gzip_vary on;
gzip on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_min_length 256;
gzip_types application/javascript application/font-ttf ttf text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon;
location /word/report.html {
alias /var/log/nginx/report.html;
}
location / {
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Max-Age' '3600' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' '*' always;
if ($request_method = OPTIONS ) {
return 200;
}
proxy_pass http://backend;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_set_header REMOTE_ADDR $remote_addr;
proxy_read_timeout 1000; # this
}
location /static/downloads {
alias /home/www/api.to/static/downloads/;
add_header Content-disposition "attachment; filename=$1";
default_type application/octet-stream;
}
location /static/ {
alias /home/www/api.to/static/;
expires 35d;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
access_log off;
}
location /static/downloads {
alias /home/www/api.to/static/downloads/;
add_header Content-disposition "attachment; filename=$1";
default_type application/octet-stream;
}
location /static/ {
alias /home/www/api.to/static/;
expires 35d;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
access_log off;
}
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/api.pdf.to-0001/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/api.pdf.to-0001/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
I had CORS disabled in my django app and it was working fine, but after the reload it does not work. I had to add to my nginx
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Max-Age' '3600' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' '*' always;
if ($request_method = OPTIONS ) {
return 200;
}
This makes it so it works when I send it to the local box, but if I Send it to the upstream box (which has the same nginx config) it gives me a 404 or CORS error.