Le 28/11/2014 16:13, Baptiste a écrit :
On Fri, Nov 28, 2014 at 3:09 PM, Charles Bijon <bijon.char...@gmail.com> wrote:
Hi,
I wonder if when using the header rewrite for CORS if
- we can simplify keeping the origin in a variable on the fly and of course
with a list of acl for accept this domain
or
- that one is forced to use a different backend to each domain.
example:
in the backend using :
rspadd Access-Control-Allow-Origin: $(hdr(origin))
But I do not know if this concept of variable is possible with haproxy.
Today, i am using one backend for each origin domain with different way of
"rspadd Access-Control-Allow-Origin: XXXXX" that will be not funny to
manage.
Regards,
Charles
Hi Charles,
What is CORS ???
What should $origin return? The content of a HTTP header called Origin?
Or something else?
Baptiste
Hi Baptiste,
CORS is this "http://enable-cors.org/", it's Cross-Origin Resource Sharing.
A simple idea was to use this : "rspadd Access-Control-Allow-Origin:\ *"
but it's not secure. I need to have the correct domain in this header.
Yes i want to have the HTTP header called origin in this way : rspadd
Access-Control-Allow-Origin: $origin
Regards,
Charles