ExternalVendorCode/devilbox
1
0
Fork 0
mirror of https://github.com/cytopia/devilbox.git synced 2024-12-18 20:37:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update HTTPD server

Browse Source
This commit is contained in:
cytopia 2022-12-31 08:19:29 +01:00
parent 8c81bcc1a1
commit 8e39202fc9
No known key found for this signature in database
GPG Key ID: 6D56EDB8695128A2
7 changed files with 35 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
cfg/vhost-gen/apache22.yml-example-rproxy
View File

@ -134,13 +134,16 @@ features:
Allow from all
</Location>
# https://stackoverflow.com/a/42558499
# https://fetch.spec.whatwg.org/#forbidden-header-name
xdomain_request: |
# Allow cross domain request from these hosts
SetEnvIf Origin "__REGEX__" AccessControlAllowOrigin=$0
Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header always set Access-Control-Allow-Methods "HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS"
Header always set Access-Control-Allow-Headers "Accept, Authorization, Content-Security-Policy, Content-Type, Location, Origin, X-Requested-With"
Header always set Access-Control-Expose-Headers "Content-Security-Policy, Location"
Header always set Access-Control-Max-Age "0"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
# Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request.
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS

9
cfg/vhost-gen/apache22.yml-example-vhost
View File

@ -181,13 +181,16 @@ features:
Allow from all
</Location>
# https://stackoverflow.com/a/42558499
# https://fetch.spec.whatwg.org/#forbidden-header-name
xdomain_request: |
# Allow cross domain request from these hosts
SetEnvIf Origin "__REGEX__" AccessControlAllowOrigin=$0
Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header always set Access-Control-Allow-Methods "HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS"
Header always set Access-Control-Allow-Headers "Accept, Authorization, Content-Security-Policy, Content-Type, Location, Origin, X-Requested-With"
Header always set Access-Control-Expose-Headers "Content-Security-Policy, Location"
Header always set Access-Control-Max-Age "0"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
# Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request.
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS

9
cfg/vhost-gen/apache24.yml-example-rproxy
View File

@ -137,13 +137,16 @@ features:
Require all granted
</Location>
# https://stackoverflow.com/a/42558499
# https://fetch.spec.whatwg.org/#forbidden-header-name
xdomain_request: |
# Allow cross domain request from these hosts
SetEnvIf Origin "__REGEX__" AccessControlAllowOrigin=$0
Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header always set Access-Control-Allow-Methods "HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS"
Header always set Access-Control-Allow-Headers "Accept, Authorization, Content-Security-Policy, Content-Type, Location, Origin, X-Requested-With"
Header always set Access-Control-Expose-Headers "Content-Security-Policy, Location"
Header always set Access-Control-Max-Age "0"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
# Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request.
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS

9
cfg/vhost-gen/apache24.yml-example-vhost
View File

@ -206,13 +206,16 @@ features:
Require all granted
</Location>
# https://stackoverflow.com/a/42558499
# https://fetch.spec.whatwg.org/#forbidden-header-name
xdomain_request: |
# Allow cross domain request from these hosts
SetEnvIf Origin "__REGEX__" AccessControlAllowOrigin=$0
Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header always set Access-Control-Allow-Methods "HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS"
Header always set Access-Control-Allow-Headers "Accept, Authorization, Content-Security-Policy, Content-Type, Location, Origin, X-Requested-With"
Header always set Access-Control-Expose-Headers "Content-Security-Policy, Location"
Header always set Access-Control-Max-Age "0"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
# Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request.
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS

9
cfg/vhost-gen/nginx.yml-example-rproxy
View File

@ -114,11 +114,12 @@ features:
xdomain_request: |
# Allow cross domain request from these hosts
# https://fetch.spec.whatwg.org/#forbidden-header-name
if ( $http_origin ~* (__REGEX__) ) {
add_header "Access-Control-Allow-Origin" "$http_origin";
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
add_header 'Access-Control-Expose-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
add_header "Access-Control-Allow-Origin" "$http_origin";
add_header 'Access-Control-Allow-Methods' 'HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Accept, Authorization, Content-Security-Policy, Content-Type, Location, Origin, X-Requested-With';
add_header 'Access-Control-Expose-Headers' 'Content-Security-Policy, Location';
add_header 'Access-Control-Max-Age' 0;
return 200;
}

9
cfg/vhost-gen/nginx.yml-example-vhost
View File

@ -166,11 +166,12 @@ features:
xdomain_request: |
# Allow cross domain request from these hosts
# https://fetch.spec.whatwg.org/#forbidden-header-name
if ( $http_origin ~* (__REGEX__) ) {
add_header "Access-Control-Allow-Origin" "$http_origin";
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
add_header 'Access-Control-Expose-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
add_header "Access-Control-Allow-Origin" "$http_origin";
add_header 'Access-Control-Allow-Methods' 'HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Accept, Authorization, Content-Security-Policy, Content-Type, Location, Origin, X-Requested-With';
add_header 'Access-Control-Expose-Headers' 'Content-Security-Policy, Location';
add_header 'Access-Control-Max-Age' 0;
return 200;
}

2
docker-compose.yml
View File

@ -227,7 +227,7 @@ services:
# Web Server
# ------------------------------------------------------------
httpd:
image: devilbox/${HTTPD_SERVER}:${HTTPD_FLAVOUR:-alpine}-1.0-beta2
image: devilbox/${HTTPD_SERVER}:${HTTPD_FLAVOUR:-alpine}-1.0
hostname: httpd
environment: