[GH-ISSUE #164] make Access-Control-Allow-Origin configurable #129

New issue

Open

opened 2026-02-25 23:40:47 +03:00 by kerem · 3 comments

kerem commented

2026-02-25 23:40:47 +03:00

Owner

Originally created by @sgohl on GitHub (May 13, 2025).
Original GitHub issue: https://github.com/HaschekSolutions/pictshare/issues/164

When referencing an uploaded image via webgl from another webapp, browsers deny due to CORS

For an image share app, I feel it's crucial to at least have it configurable to be able to opt for

Access-Control-Allow-Origin "*"

I think, reasonable would be an include statement in the main nginx conf, a dynamic generated nginx-conf snippet file combined with a conditional in start.sh that writes the statement to this snippet file in case a variable is set, probably even evaluate the env value

Originally created by @sgohl on GitHub (May 13, 2025). Original GitHub issue: https://github.com/HaschekSolutions/pictshare/issues/164 When referencing an uploaded image via webgl from another webapp, browsers deny due to CORS For an image share app, I feel it's crucial to at least have it configurable to be able to opt for `Access-Control-Allow-Origin "*"` I think, reasonable would be an include statement in the main nginx conf, a dynamic generated nginx-conf snippet file combined with a conditional in `start.sh` that writes the statement to this snippet file in case a variable is set, probably even evaluate the env value

kerem commented

2026-02-25 23:40:48 +03:00

Author

Owner

@sgohl commented on GitHub (May 13, 2025):

I'm not sure whether to do it this way (dedicated env var) or to provide a more general way of adding nginx snippets what would be my preferred option, but then the env should support multi-line values and maybe even base64

I usually don't like to be forced to mount files into containers, hence the env approach.

@sgohl commented on GitHub (May 13, 2025): I'm not sure whether to do it this way (dedicated env var) or to provide a more general way of adding nginx snippets what would be my preferred option, but then the env should support multi-line values and maybe even base64 I usually don't like to be forced to mount files into containers, hence the env approach.

kerem commented

2026-02-25 23:40:48 +03:00

Author

Owner

@geek-at commented on GitHub (May 14, 2025):

If you use a reverse proxy behind the docker container you can set them there as the highest point in the chain (closer to the internet) can overwrite the headers. Currently they are hardcoded in the nginx config file of the container.

@geek-at commented on GitHub (May 14, 2025): If you use a reverse proxy behind the docker container you can set them there as the highest point in the chain (closer to the internet) can overwrite the headers. Currently they are hardcoded in the nginx config file of the container.

kerem commented

2026-02-25 23:40:48 +03:00

Author

Owner

@sgohl commented on GitHub (May 15, 2025):

@geek-at I'm aware of that, but this adds unnecessary complexity/requirement to the reverse proxy in front, which is in that regard not it's actual job. Setting this header is responsibility of the application itself, at least for my understanding.
There are people who don't use plain old handrafted nginx configs for only a handful of things. This gets easily unmanagable for hundreds of web apps.

edit: did you check my fork proposal? https://github.com/sgohl/pictshare/pull/1/files

@sgohl commented on GitHub (May 15, 2025): @geek-at I'm aware of that, but this adds unnecessary complexity/requirement to the reverse proxy in front, which is in that regard not it's actual job. Setting this header is responsibility of the application itself, at least for my understanding. There are people who don't use plain old handrafted nginx configs for only a handful of things. This gets easily unmanagable for hundreds of web apps. edit: did you check my fork proposal? https://github.com/sgohl/pictshare/pull/1/files