Allow range headers and respond to option requests

9 months ago · cbc3ceb8b2
parent efde6f7591
commit cbc3ceb8b2
1 changed files with 21 additions and 5 deletions
--- a/flake.nix
+++ b/flake.nix
@ -76,11 +76,27 @@
              root = "/var/www/static";
              forceSSL = true;
              enableACME = true;
-              extraConfig = ''
-                add_header 'Access-Control-Allow-Credentials' 'true';
-                add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
-                add_header 'Access-Control-Allow-Origin' '*';
-              '';
+
+              locations."/" = {
+                extraConfig = ''
+                  if ($request_method = GET) {
+                    add_header Access-Control-Allow-Origin *;
+                    add_header Access-Control-Allow-Credentials true;
+                    add_header Access-Control-Allow-Methods "GET, OPTIONS";
+                    add_header Access-Control-Allow-Headers "origin, accept, range";
+                  }
+
+                  if ($request_method = OPTIONS ) {
+                    add_header Access-Control-Allow-Origin *;
+                    add_header Access-Control-Allow-Credentials true;
+                    add_header Access-Control-Allow-Methods "GET, OPTIONS";
+                    add_header Access-Control-Allow-Headers "origin, accept, range";
+                    add_header Content-Length 0;
+                    add_header Content-Type text/plain;
+                    return 204;
+                  }
+                '';
+              };
            };

            services.nginx.virtualHosts."phantomthieves.net" = {