diff --git a/images/web/config/production.conf b/images/web/config/production.conf index 5ef5619b..df9d03f9 100644 --- a/images/web/config/production.conf +++ b/images/web/config/production.conf @@ -3,25 +3,34 @@ # Tell Apache and Passenger where your app's 'public' directory is DocumentRoot /var/www/public PassengerRuby /usr/bin/ruby + + # Add CORS headers for preflight requests + + Header always set Access-Control-Allow-Origin "*" + Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT" + Header always set Access-Control-Max-Age "1000" + Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token" + + # Respond to preflight requests + RewriteEngine On + RewriteCond %{REQUEST_METHOD} OPTIONS + RewriteRule ^(.*)$ $1 [R=200,L,E=HTTP_ACCESS_CONTROL_ALLOW_HEADERS:Authorization] + + + # Existing rewrite rules RewriteEngine On RewriteCond %{HTTP:X-Forwarded-Proto} =http - # Development mode in case domain is localhost - # Rewrite to HTTPS RewriteCond %{HTTP_HOST} !=localhost RewriteCond %{HTTPS} off RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] - # Rewrite to www. [NC] is a case-insensitive match RewriteCond %{HTTP_HOST} !=localhost - # Avoid redirect staging sites RewriteCond %{HTTP_HOST} !=staging.openhistoricalmap.org RewriteCond %{HTTP_HOST} !^www\. [NC] RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301] - # ======Redirect trafict to CGIMAP==== - # Rules to redirect to port 81 + # Redirect traffic to CGIMAP RewriteCond %{REQUEST_URI} ^/api/0\.6/map RewriteRule ^.*$ http://127.0.0.1:81%{REQUEST_URI} [P,L] - # Existing rewrites RewriteRule ^0\.6/map$ - [L,H=fcgi:127.0.0.1:81] RewriteRule ^0\.6/(nodes|ways|relations)$ - [L,H=fcgi:127.0.0.1:81] RewriteRule ^0\.6/(way|relation)/([^/]+)/full$ - [L,H=fcgi:127.0.0.1:81]