updates for mobile cors and oauth2 proxy for large fields

NginxRocks · Sep 14, 2020 · 6dd4176 · 6dd4176
1 parent 95b3fe2
commit 6dd4176
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/include/oauthproxylocations.conf b/include/oauthproxylocations.conf
@@ -9,4 +9,7 @@ location /oauth2/ {
     proxy_set_header X-Real-IP $remote_addr;
     proxy_set_header X-Scheme $scheme;
     proxy_set_header X-Auth-Request-Redirect $request_uri;
+    proxy_buffer_size          128k;
+    proxy_buffers              4 256k;
+    proxy_busy_buffers_size    256k;
 }
diff --git a/include/security/cors-options.conf b/include/security/cors-options.conf
@@ -6,7 +6,7 @@
         # send back extensive headers because this is painful
         add_header Access-Control-Allow-Methods 'OPTIONS, GET, POST, PUT, PATCH, DELETE' always;        
         # Apparently IOS is awful and doesnt accept wildcard just wow...
-        add_header Access-Control-Allow-Headers 'Authorization, Content-Type, *' always;        
+        add_header Access-Control-Allow-Headers 'Authorization, Content-Type, Access-Control-Allow-Headers, X-Requested-With, *' always;
         # Tell client that this pre-flight info is valid for 20 days
         add_header Access-Control-Max-Age 1728000 always;
         # This is an empty rquest so i dont know why content type or character set matter