Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
N
nexpie-grafana-theme
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Registry
Registry
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Kornkitt Poolsup
nexpie-grafana-theme
Commits
dfe0314b
Commit
dfe0314b
authored
Jun 21, 2014
by
Andrew Rodgers
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Added nginx config examples for CORS headers, and CORS selective reflection
parent
4618ef0c
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
22 additions
and
2 deletions
+22
-2
README.md
+22
-2
No files found.
README.md
View file @
dfe0314b
...
...
@@ -71,7 +71,14 @@ Header set Access-Control-Allow-Headers "origin, authorization, accept"
```
Note that using "
\*
" leaves your graphite instance quite open so you might want to consider using "http://my.graphite-dom.ain" in place of "
\*
"
If your Graphite web is proteced by basic authentication, you have to enable the HTTP verb OPTIONS, origin
Here is the same thing, in nginx format:
```
add_header "Access-Control-Allow-Origin" "*";
add_header "Access-Control-Allow-Credentials" "true";
add_header "Access-Control-Allow-Methods" "GET, OPTIONS";
add_header "Access-Control-Allow-Headers" "Authorization, origin, accept";
```
If your Graphite web is protected by basic authentication, you have to enable the HTTP verb OPTIONS, origin
(no wildcards are allowed in this case) and add Access-Control-Allow-Credentials. This looks like the following for Apache:
```
Header set Access-Control-Allow-Origin "http://mygrafana.com:5656"
...
...
@@ -86,7 +93,20 @@ Header set Access-Control-Allow-Credentials true
</LimitExcept>
</Location>
```
And in nginx:
```
auth_basic "Restricted";
auth_basic_user_file /path/to/my/htpasswd/file;
if ($http_origin ~* (https?://[^/]*\.somedomain\.com(:[0-9]+)?)) { #Test if request is from allowed domain, you can use multiple if
set $cors "true"; #statements to allow multiple domains, simply setting $cors to true in each one.
}
if ($cors = 'true') {
add_header Access-Control-Allow-Origin $http_origin; #this mirrors back whatever domain the request came from as authorized, as
add_header "Access-Control-Allow-Credentials" "true"; #as long as it matches one of your if statements
add_header "Access-Control-Allow-Methods" "GET, OPTIONS";
add_header "Access-Control-Allow-Headers" "Authorization, origin, accept";
}
```
# Roadmap
-
Improve and refine the target parser and editing
-
Improve graphite import feature
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
