From c37496f2b0d538145d81da32a84d12038a25fb3c Mon Sep 17 00:00:00 2001 From: Andrew Rodgers Date: Fri, 20 Jun 2014 02:40:01 +0000 Subject: [PATCH] added nginx conf examples for graphite CORS configuration --- README.md | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index efe3edee048..f5ee64affe4 100644 --- a/README.md +++ b/README.md @@ -71,7 +71,14 @@ Header set Access-Control-Allow-Headers "origin, authorization, accept" ``` Note that using "\*" leaves your graphite instance quite open so you might want to consider using "http://my.graphite-dom.ain" in place of "\*" -If your Graphite web is proteced by basic authentication, you have to enable the HTTP verb OPTIONS, origin +Here is the same thing, in nginx format: +``` +add_header "Access-Control-Allow-Origin" "*"; +add_header "Access-Control-Allow-Credentials" "true"; +add_header "Access-Control-Allow-Methods" "GET, OPTIONS"; +add_header "Access-Control-Allow-Headers" "Authorization, origin, accept"; +``` +If your Graphite web is protected by basic authentication, you have to enable the HTTP verb OPTIONS, origin (no wildcards are allowed in this case) and add Access-Control-Allow-Credentials. This looks like the following for Apache: ``` Header set Access-Control-Allow-Origin "http://mygrafana.com:5656" @@ -86,7 +93,18 @@ Header set Access-Control-Allow-Credentials true ``` - +And in nginx: +``` +if ($http_origin ~* (https?://[^/]*\.somedomain\.com(:[0-9]+)?)) { #Test if request is from allowed domain, you can use multiple if + set $cors "true"; #statements to allow multiple domains, simply setting $cors to true in each one. +} +if ($cors = 'true') { + add_header Access-Control-Allow-Origin $http_origin; + add_header "Access-Control-Allow-Credentials" "true"; + add_header "Access-Control-Allow-Methods" "GET, OPTIONS"; + add_header "Access-Control-Allow-Headers" "Authorization, origin, accept"; +} +``` # Roadmap - Improve and refine the target parser and editing - Improve graphite import feature