wprykg
Last Updated: February 25, 2016
·
2.696K
· javisperez

CORS with nginx for 401,404,501 and any other http status

After two hours trying to make nginx serve a CORS for a 401 status code, i found the solution and wanted to share it here.

This doc:
http://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header

Says that the "add_header" option only work for status:
200, 201, 204, 206, 301, 302, 303, 304 or 307

But you can bypass all the http status restriction by passing a third parameter to the add_header with the constant "always". That way, it will add the header, all the time, with any state.

So in my case, my header end up like this:

add_header 'Access-Control-Allow-Origin' * always;

Notice the always at the end of the value? That did the trick for me, and just wanted to share it.