0
0
Nginxdevops~5 mins

CORS configuration in Nginx - Cheat Sheet & Quick Revision

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Recall & Review
beginner
What does CORS stand for and why is it important?
CORS stands for Cross-Origin Resource Sharing. It allows a web page from one domain to request resources from another domain safely, preventing security risks.
Click to reveal answer
beginner
Which HTTP header is used to allow cross-origin requests in nginx?
The header Access-Control-Allow-Origin is used to specify which domains can access resources from the server.
Click to reveal answer
beginner
How do you enable CORS for all domains in nginx?
Add the line add_header Access-Control-Allow-Origin "*"; inside the server or location block to allow all domains.
Click to reveal answer
intermediate
What is the purpose of the Access-Control-Allow-Methods header?
It specifies which HTTP methods (GET, POST, etc.) are allowed when accessing the resource from another origin.
Click to reveal answer
intermediate
Why might you need to add Access-Control-Allow-Headers in your nginx CORS setup?
This header tells the browser which custom headers can be sent with the request, enabling more complex requests like those with authentication tokens.
Click to reveal answer
Which nginx directive adds a header to enable CORS?
Aadd_header
Bset_header
Cproxy_pass
Dlisten
What value allows all domains to access your resource via CORS?
A"all"
B"*"
C"none"
D"localhost"
Which header controls which HTTP methods are allowed in CORS?
AAccess-Control-Allow-Methods
BAccess-Control-Allow-Origin
CAccess-Control-Allow-Headers
DAccess-Control-Expose-Headers
If you want to allow credentials (cookies) in CORS, which header must NOT be set to "*"?
AAccess-Control-Max-Age
BAccess-Control-Allow-Methods
CAccess-Control-Allow-Headers
DAccess-Control-Allow-Origin
Where in nginx config do you usually place CORS headers?
AOnly in events block
BInside http block only
CInside server or location block
DIn upstream block
Explain how to configure nginx to allow cross-origin requests from a specific domain.
Think about which header controls allowed origins.
You got /3 concepts.
    Describe why CORS is necessary and what problem it solves in web browsers.
    Consider how browsers protect users from unsafe data sharing.
    You got /3 concepts.