From 3885da40c3a81c37d9f280be6f876cc36f89e78f Mon Sep 17 00:00:00 2001 From: Rub21 Date: Mon, 11 Sep 2023 14:52:44 -0500 Subject: [PATCH] Set CORS headers --- images/web/config/production.conf | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/images/web/config/production.conf b/images/web/config/production.conf index fddf1401..113a3693 100644 --- a/images/web/config/production.conf +++ b/images/web/config/production.conf @@ -30,12 +30,11 @@ RewriteCond %{REQUEST_METHOD} ^(GET|HEAD)$ RewriteRule ^0\.6/(node|way|relation)/([^/]+)$ - [L,H=fcgi:127.0.0.1:80] - # Conditionally set CORS headers for openhistoricalmap.org subdomains - SetEnvIf Origin "https://(.*\.)?openhistoricalmap\.org$" AccessControlAllowOrigin=$0 - Header set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin - Header set Access-Control-Allow-Methods "GET, POST, OPTIONS" env=AccessControlAllowOrigin - Header set Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range" env=AccessControlAllowOrigin - Header set Access-Control-Expose-Headers "Content-Length,Content-Range" env=AccessControlAllowOrigin + # Set CORS headers + Header set Access-Control-Allow-Origin "*" + Header set Access-Control-Allow-Methods "GET, POST, OPTIONS" + Header set Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range" + Header set Access-Control-Expose-Headers "Content-Length,Content-Range" # Relax Apache security settings