@latitude wrote:
Hello HAProxy Community!
I need a little assistance with CORS configuration.
I need to allow CORS from all subdomains on a domain, e.g. *.domain.com. I currently have the following config:
capture request header origin len 128
http-response add-header Access-Control-Allow-Origin %[capture.req.hdr(0)] if { capture.req.hdr(0) -m found }
rspadd Access-Control-Allow-Headers:\ Origin,\ X-Requested-With,\ Content-Type,\ Accept if { capture.req.hdr(0) -m found }But I believe this allows wide open CORS. Is there a way to limit it to all subdomains on a domain?
Using HAProxy version 1.5.18
Thanks in advance!
Posts: 1
Participants: 1