Skip to content

Instantly share code, notes, and snippets.

View albertcht's full-sized avatar

Albert Chen albertcht

264 followers · 25 following
View GitHub Profile
@albertcht
albertcht / cors.inc
Created August 5, 2020 08:35 — forked from antonbabenko/cors.inc
(nginx AND varnish) + CORS (working example)
more_set_headers "Access-Control-Allow-Origin: $http_origin";
more_set_headers "Access-Control-Allow-Credentials: true";
# OPTIONS indicates a CORS pre-flight request
if ($request_method = 'OPTIONS') {
more_set_headers "Access-Control-Max-Age: 1728000";
more_set_headers "Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS";
more_set_headers "Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since";
more_set_headers "Content-Length: 0";
@albertcht
albertcht / CORS-and-nginx.md
Created August 3, 2020 13:19 — forked from dunderrrrrr/CORS-and-nginx.md
Cross-Origin Resource Sharing (CORS) is a mechanism that uses additional HTTP headers to tell browsers to give a web application running at one origin.

Cross-Origin Resource Sharing (CORS) is a mechanism that uses additional HTTP headers to tell browsers to give a web application running at one origin, access to selected resources from a different origin. A web application executes a cross-origin HTTP request when it requests a resource that has a different origin (domain, protocol, or port) from its own.

Example

Let's say you need to add the following CORS headers.

Access-Control-Allow-Origin: https://example.com
Access-Control-Allow-Methods: GET, POST, PATCH, OPTIONS
Access-Control-Allow-Headers: Content-Type
@albertcht
albertcht / cors.nginxconf
Created August 3, 2020 13:18 — forked from pauloricardomg/cors.nginxconf
Nginx configuration for CORS-enabled HTTPS proxy with origin white-list defined by a simple regex
#
# Acts as a nginx HTTPS proxy server
# enabling CORS only to domains matched by regex
# /https?://.*\.mckinsey\.com(:[0-9]+)?)/
#
# Based on:
# * http://blog.themillhousegroup.com/2013/05/nginx-as-cors-enabled-https-proxy.html
# * http://enable-cors.org/server_nginx.html
#
server {
@albertcht
albertcht / docker-compose.yml
Created August 3, 2020 13:17 — forked from iki/docker-compose.yml
Docker-compose nginx CORS proxy
version: '3.7'
services:
whoami:
image: jwilder/whoami
ports:
- 127.0.0.1:7000:8000
cors:
@albertcht
albertcht / cors.nginx.md
Created August 3, 2020 13:13 — forked from TheRatG/cors.nginx.md
How to enable Cross-Origin Requests (CORS) on nginx

Open nginx CORS configuration

Wide open nginx CORS configuration CORS is a W3C working standard that currently has decent (but inconsistent) implementions in Firefox, Chrome and Safari. I use it primarily to test PhoneGap apps in regular browsers instead of testing the code in simulators. PhoneGap apps can skip the usual origin checks via configuration, but running a PhoneGap app takes more setup - which make it harder for designers to work with the app. Running apps in simulators or on actual devices also takes al lot more time that just reloading a browser and this annoys me.

Read up on CORS

@albertcht
albertcht / Laravel-Container.md
Created May 6, 2018 02:39
Laravel's Dependency Injection Container in Depth

Laravel's Dependency Injection Container in Depth

Laravel has a powerful Inversion of Control (IoC) / Dependency Injection (DI) Container. Unfortunately the official documentation doesn't cover all of the available functionality, so I decided to experiment with it and document it for myself. The following is based on Laravel 5.4.26 - other versions may vary.

Introduction to Dependency Injection

I won't attempt to explain the principles behind DI / IoC here - if you're not familiar with them you might want to read What is Dependency Injection? by Fabien Potencier (creator of the Symfony framework).

Accessing the Container