Enable CORS for NextCloud

Tio · February 12, 2021, 12:39am

My YunoHost server

Hardware: VPS bought online
YunoHost version: latest
I have access to my server : Through SSH | through the webadmin | direct access via keyboard / screen | …
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

Description of my issue

I would like to enable CORS for our PDF books stored on our NextCloud. I tried so many methods but didn’t manage to. I tried adding CORS nginx code to /etc/nginx/conf.d/www.drive.tromsite.com.d/nextcloud.conf …

I come from Apache and we had this:

SetEnvIf Origin "^http(s)?://(.+\.)?(tromsite\.com|tromsite\.de)$" origin_is=$0 
Header always set Access-Control-Allow-Origin %{origin_is}e env=origin_is

Header always set Access-Control-Allow-Headers "range" 

Header always set Access-Control-Expose-Headers: "Accept-Ranges, Content-Encoding, Content-Length, Content-Range"

Header always set Access-Control-Allow-Methods: "POST, GET, OPTIONS"

Header always set Accept-Ranges "bytes"

Header always set Access-Control-Allow-Credentials "true"

Header always set Strict-Transport-Security: "max-age=31536000"

It worked, but on nginx I do not know how to do it.

Aleks · February 12, 2021, 1:01am

You probably need to add something like

more_set_headers "Access-Control-Allow-Origin: some value";

and similar line for other headers in /etc/nginx/conf.d/yourdomain.tld.d/nextcloud.conf

Tio · February 12, 2021, 1:05am

Yup thanks. Works with:

  more_set_headers "Access-Control-Allow-Origin https://www.tromsite.com";
  more_set_headers "Access-Control-Max-Age 3600";
  more_set_headers "Access-Control-Expose-Headers Content-Length";
  more_set_headers "Access-Control-Allow-Headers Range";
  more_set_headers "Accept-Ranges bytes";

But now I am struggling to find a way to allow bytes. Meaning, we have some huge books and it is better to be able to download a few bits then to display the books, instead of downloading the entire book before displaying it. We managed to do it with the httaccess code.

Tio · February 12, 2021, 12:33pm

With the above set, nginx: worker process was eating some 5GB of RAM… Had to restart it.

system · February 27, 2021, 12:34pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.