Question 98647 in Nginx Question posted in
The official documentation can be found here.

Allowing CORS for api.glossgenius.com – Nginx

I need assistance, i am unsure how to make the API response from "api.glossgenius.com" work properly to get elements of the site working.

https://studio21md.com/portfolio

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://api.glossgenius.com/v3/web/portfolio_images?slug=meganhammett. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://api.glossgenius.com/v3/web/portfolio_images?slug=meganhammett. (Reason: CORS request did not succeed).

Can anyone assist on Nginx how i would solve this specific issue?

Here is my config, Thank you for your assistance.

 server {
    listen       80;
    server_name  www.studio21md.com studio21md.com;
    #charset koi8-r;
    #access_log  logs/host.access.log  main;

    location / {
        proxy_pass   https://meganhammett.glossgenius.com;
}
Tags:

2

Answers


  1. 0

    Please use this config in nginx.

    server {
        listen       80;
        server_name  www.studio21md.com studio21md.com;
        #charset koi8-r;
        #access_log  logs/host.access.log  main;
    
      location / {
        add_header 'Access-Control-Allow-Origin' 'https://api.glossgenius.com';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Headers' 'Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
        add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE,PATCH';
    
        if ($request_method = 'OPTIONS') {
          add_header 'Access-Control-Allow-Origin' 'https://api.glossgenius.com';
          add_header 'Access-Control-Allow-Credentials' 'true';
          add_header 'Access-Control-Allow-Headers' 'Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
          add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE,PATCH';
          add_header 'Access-Control-Max-Age' 1728000;
          add_header 'Content-Type' 'text/plain charset=UTF-8';
          add_header 'Content-Length' 0;
          return 204;
        }
    proxy_pass   https://meganhammett.glossgenius.com;
proxy_redirect off;
proxy_set_header host $host;
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-forward-for $proxy_add_x_forwarded_for;
    }
    }
    Login or Signup to reply.
  2. 0

    As I understand you do not have access to the backend of api.glossgenius and you are calling it from the javascript.

    I would try calling that glossgenius api from your backend. And make endpoint so that your frontend calls your backend. You do not have cors problems from your frontend calling your backend as I understand.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search