Question

Nginx - issue uploading video - Failed to load resource: Origin https://mydomain.com is not allowed by Access-Control-Allow-Origin.

Posted November 11, 2019 739 views
Nginx

Hello everyone,

I have a website using ReactJs and making request to my NodeJs backend server.

Everything (all request to my api) working good.

But, when I uploading video (POST request) on my website I have the following error. Even if i had already allowed ’https://mydomain.com’ :

I also upload images on my website and I don’t have any error. I have just when I uploading videos.

Bellow you can see a part of /etc/nginx/sites-available/default file

server {
 server_name api.mydomain.com; # managed by Certbot
 client_max_body_size 1000M;

   location / {
        proxy_pass http://localhost3030;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_redirect  off;
        proxy_buffers   2 16k;
        proxy_busy_buffers_size  64k;
        #proxy_connect_timeout 600;
        #proxy_send_timeout 600;
        #proxy_read_timeout 600;
        #send_timeout 600;

        client_max_body_size 1000M;

        if ($http_origin ~ "(https://api.mydomain.com) | (https://mydomain.com)" )
{
        add_header    'Access-Control-Allow-Origin' '$http_origin' always;
        add_header    'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
        add_header 'Vary' "Origin";
        add_header    'Content-Type' 'video/mp4; mp4';
        add_header    'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept' always;
        add_header    'Access-Control-Allow-Credentials' 'true' always;
        #add_header 'Access-Control-Max-Age' 1728000000;
        add_header Access-Control-Expose-Headers "Content-Length, Content-Range, Date, Server,
Transfer-Encoding, origin, range, x-goog-meta-foo1";
}
   }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/stylway.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/stylway.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}

server {
    if ($host = api.mydomain.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

listen 80;
 server_name api.mydomain.com;
    return 404; # managed by Certbot
}

Thanks in advance for your help!

Add a comment
fsarfraz
By:
fsarfraz
edited by MattIPv4
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer
Shiroka February 11, 2020

Hello,please add *.yourdomain.com to the CORS configuration.

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help