id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc	uname	nginx_version
388	nginx proxy pass and CROS(cross-origin resource sharing)	peng yuehui		"I configed nginx to combine the CROS config and the proxy pass.

When I use 'if' statement to judge whether the domain is allowed to CROS, the proxy pass worked badly, It added another suffix to the origin url. Details see the following config snippet and explanation.  I think the 'if' statement has some defects, hope you can fix it.

The config1 will get the right results, the config2 will add another ""resource"" path to the end of /sync/resource, like /sync/resource/resource, this leading to backend not response it. The if statement is true, I direct return 200 will see the origin headers existing, but why when I added the 'if' statement , the behavior of proxy pass changed.

config1
<snippet>
    location /resource {
        add_header 'Access-Control-Allow-Methods' 'GET,POST,DELETE,OPTIONS';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Origin' ""$http_origin"";
        add_header 'Access-Control-Allow-Headers' 'WD-Since,WD-Start,WD-Direction,WD-Length,WD-Ids,Content-Type,WD-Client-Id';
        add_header 'Access-Control-Expose-Headers' 'WD-Total-Length,WD-Phone-Modal,WD-Client-Id,WD-Udid,WD-Need-More';
        proxy_cache off;
        proxy_set_header Host   $host;
        proxy_set_header X-Real-IP      $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://sync-nodes/sync/resource;
    }
</snippet>

config2
<snippet>
    location /resource {
        if ($http_origin ~* ""https?://.*\.XXXX\.com"") {
            add_header 'Access-Control-Allow-Methods' 'GET,POST,DELETE,OPTIONS';
            add_header 'Access-Control-Allow-Credentials' 'true';
            add_header 'Access-Control-Allow-Origin' ""$http_origin"";
            add_header 'Access-Control-Allow-Headers' 'WD-Since,WD-Start,WD-Direction,WD-Length,WD-Ids,Content-Type,WD-Client-Id';
            add_header 'Access-Control-Expose-Headers' 'WD-Total-Length,WD-Phone-Modal,WD-Client-Id,WD-Udid,WD-Need-More';
        }
        proxy_cache off;
        proxy_set_header Host   $host;
        proxy_set_header X-Real-IP      $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://sync-nodes/sync/resource;
    }
</snippet>"	defect	closed	minor	1.5	nginx-module	1.2.x	duplicate	CROS proxy pass		2.6.32-220.13.1.el6.x86_64 #1 SMP Tue Apr 17 23:56:34 BST 2012 x86_64 x86_64 x86_64 GNU/Linux	"nginx version: nginx/1.2.1
built by gcc 4.4.6 20120305 (Red Hat 4.4.6-4) (GCC) 
TLS SNI support enabled
configure arguments: --prefix=/home/work/nginx/ --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-http_realip_module --with-http_sub_module --add-module=../extra_modules/ngx_consistent_hash --add-module=../extra_modules/ngx_devel_kit --add-module=../extra_modules/set-misc-nginx-module --add-module=../extra_modules/ngx_healcheck"