nginx : add_header directive not working
7,098
Solved!
This was not the config after all. The nginx config was fine.
My buildings networking is to blame, somehow and for reasons unknown they are stripping some headers.
When accessed from outside this network, all is well, response headers are in place for fonts.
Related videos on Youtube
Comments
-
mconlin almost 2 years
My Issue:
nginx add_header directive doesn't appear to be workingWhat I have tried:
In my nginx conf I have this:location ~* \.(ttf|woff|eot|otf|woff2|svg|svgz)$ { access_log /var/log/nginx/fonts.access.log; add_header Access-Control-Allow-Origin *; expires 1M; }
When I request a font resource like so:
curl -i -s -D - -XGET http://my.server.com/assets/my_font-f748f9b5f469637888371ef2a5a81765.eot -o /dev/null HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: max-age=2592000 Content-Type: application/octet-stream Date: Tue, 08 Sep 2015 16:42:55 GMT ETag: "55eee9fb-d980" Expires: Thu, 08 Oct 2015 16:42:55 GMT Last-Modified: Tue, 08 Sep 2015 14:00:27 GMT Server: nginx/1.4.6 (Ubuntu) Content-Length: 55680 Connection: keep-alive
Notice I do not get back the Access-Control-Allow-Origin * header. To confirm my nginx is returning from that location block I added location block logging. I do see the request for fonts being made in my font.access.log.
$ tail -1 fonts.access.log 172.31.27.203 - - [08/Sep/2015:16:42:55 +0000] "GET /assets/my_font-f748f9b5f469637888371ef2a5a81765.eot HTTP/1.1" 200 55680 "-" "curl/7.30.0"
Other Information:
Nginx version and compilitation flags:$ nginx -V nginx version: nginx/1.4.6 (Ubuntu) built by gcc 4.8.2 (Ubuntu 4.8.2-19ubuntu1) TLS SNI support enabled configure arguments: --with-cc-opt='-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_addition_module --with-http_dav_module --with-http_geoip_module --with-http_gzip_static_module --with-http_image_filter_module --with-http_spdy_module --with-http_sub_module --with-http_xslt_module --with-mail --with-mail_ssl_module
My conf is good:
sudo nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
My sites conf:
real_ip_header X-Forwarded-For; log_format mysite_log_fmt '[$time_local][$status][$request] from="$remote_addr" host="$host" ua="$http_user_agent"'; upstream unicorn_mysite { server unix:/srv/www/mysite/shared/sockets/unicorn.sock fail_timeout=0; } server { listen 80; server_name <ip> <other ip> <domain name> <elb domain name> access_log /var/log/nginx/mysites.access.log mysite_log_fmt; keepalive_timeout 5; root /srv/www/mysite/current/public/; location ~* \.(ttf|woff|eot|otf|woff2|svg|svgz)$ { access_log /var/log/nginx/fonts.access.log; add_header Access-Control-Allow-Origin "*"; } location / { try_files $uri/index.html $uri/index.htm @unicorn; access_log /var/log/nginx/slash.access.log; } location @unicorn { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; access_log /var/log/nginx/unicorn.access.log; proxy_read_timeout 60; proxy_send_timeout 60; # If you don't find the filename in the static files # Then request it from the unicorn server if (!-f $request_filename) { proxy_pass http://unicorn_mysite; break; } } location /nginx_status { stub_status on; access_log off; allow 127.0.0.1; deny all; } error_page 500 502 503 504 /500.html; location = /500.html { root /srv/www/mysite/current/public/; } }
-
mconlin almost 9 yearsyeah, thats what is so maddening. I have spun up a blank vagrant ubuntu to match my problem host and a simple font location block with add_header worked fine.
-
mconlin almost 9 yearsfull nginx.conf added above in orig question
-
Enzo Wang almost 9 yearsI think it's because of the if-inside-location pitfall, which is stated here link. You can replace "if" with "try_files", let's see. Sorry for not commenting your post since I've no enough "credits" :-(