Requesting a FIX for a problem that few people reported and being ignored from a while. The fact is that Nginx totally ignores some headers and there is not reason why. Here is the header list placed on site.com.conf: location ~ [^/]\.php(/|$) { set $cors ''; set $cors 'true'; add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; add_header 'Access-Control-Max-Age' 1728000; .... if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } Here you can see that headers are being loaded but ignored: After making some tests I can confirm there is no way to set CORS and manage static content from a subdomain/CDN Documentation: https://gist.github.com/agouriou/735daacf7530675552ff248f319a07d9 https://gist.github.com/Stanback/7145487 https://enable-cors.org/server_nginx.html Please, may someone help to all people touched by this BUG? Thank you very much.

What header are you trying to add. All mine are working correctly.

CRITICAL: CORS Error Nginx Access-Control-Allow-Origin (BUG FIX)

aaP_admin64

Requesting a FIX for a problem that few people reported and being ignored from a while.

The fact is that Nginx totally ignores some headers and there is not reason why.

Here is the header list placed on site.com.conf:

  location ~ [^/]\.php(/|$)
        {
  set $cors '';     
  set $cors 'true';      
  add_header 'Access-Control-Allow-Origin' '*';
  add_header 'Access-Control-Allow-Credentials' 'true';
  add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
  add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
  add_header 'Access-Control-Max-Age' 1728000;
  
   ....

Here you can see that headers are being loaded but ignored:

After making some tests I can confirm there is no way to set CORS and manage static content from a subdomain/CDN

Documentation:
https://gist.github.com/agouriou/735daacf7530675552ff248f319a07d9
https://gist.github.com/Stanback/7145487
https://enable-cors.org/server_nginx.html

Please, may someone help to all people touched by this BUG?

Thank you very much.