Question
Question
Nginx - issue uploading video - Failed to load resource: Origin https://mydomain.com is not allowed by Access-Control-Allow-Origin.
Hello everyone,
I have a website using ReactJs and making request to my NodeJs backend server.
Everything (all request to my api) working good.
But, when I uploading video (POST request) on my website I have the following error. Even if i had already allowed ’https://mydomain.com’ :
- Failed to load resource: Origin https://mydomain.com is not allowed by Access-Control-Allow-Origin. (SAFARI)
- Access to XMLHttpRequest at ’https://api.mydomain.com/albums/17/medias/videos’ from origin ’https://www.mydomain.com’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. (CHROME)
I also upload images on my website and I don’t have any error. I have just when I uploading videos.
Bellow you can see a part of /etc/nginx/sites-available/default file
server {
server_name api.mydomain.com; # managed by Certbot
client_max_body_size 1000M;
location / {
proxy_pass http://localhost3030;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
proxy_buffers 2 16k;
proxy_busy_buffers_size 64k;
#proxy_connect_timeout 600;
#proxy_send_timeout 600;
#proxy_read_timeout 600;
#send_timeout 600;
client_max_body_size 1000M;
if ($http_origin ~ "(https://api.mydomain.com) | (https://mydomain.com)" )
{
add_header 'Access-Control-Allow-Origin' '$http_origin' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
add_header 'Vary' "Origin";
add_header 'Content-Type' 'video/mp4; mp4';
add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
#add_header 'Access-Control-Max-Age' 1728000000;
add_header Access-Control-Expose-Headers "Content-Length, Content-Range, Date, Server,
Transfer-Encoding, origin, range, x-goog-meta-foo1";
}
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/stylway.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/stylway.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = api.mydomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name api.mydomain.com;
return 404; # managed by Certbot
}
Thanks in advance for your help!
Add a comment
edited by MattIPv4
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×