Comments (6)
DarthSim
commented on May 13, 2024
2
HI.
I'm very sorry for the long period of inactivity.
CORS headers were added to the latest release. You need to set IMGPROXY_ALLOW_ORIGIN to enable them. See README.
from imgproxy.
mattsrobot
commented on May 13, 2024
@DarthSim is it possible to allow multiple domains? I have two domains, one also that supports subdomains, using the image proxy, I'de like to restrict access only from these?
from imgproxy.
uncvrd
commented on May 13, 2024
Following up on Matt's request for the ability to allow multiple domains in the IMGPROXY_ALLOW_ORIGIN if possible. Currently have to set to * to suit my needs but would like to restrict!
from imgproxy.
DarthSim
commented on May 13, 2024
Here's the thing: Access-Control-Allow-Origin does not support multiple values and masking. Usually, applications respond with dynamic Access-Control-Allow-Origin that depends on the request origin. But in the case of imgproxy where you put a CDN or a caching server in front, this won't work properly.
from imgproxy.
thibauds
commented on May 13, 2024
@DarthSim Maybe we could check if the Host or X-Forwarded-Host header is in the IMGPROXY_ALLOW_ORIGIN list and return it if there is a match?
from imgproxy.
DarthSim
commented on May 13, 2024
@thibauds That's exactly what I'm talking about here:
Usually, applications respond with dynamic Access-Control-Allow-Origin that depends on the request origin. But in the case of imgproxy where you put a CDN or a caching server in front, this won't work properly.
from imgproxy.
Related Issues (20)
- invalid source on mp4 when using video thumbnail extraction HOT 2
- Promethues exporter HOT 3
- Can't download source image: Can't allocate input format context: Server returned 400 Bad Request HOT 2
- Link to Documentation is down HOT 1
- Feature request: add support for APNG animated images HOT 3
- Monochrome thumbnails from latest release HOT 13
- There is an error in the image file name that contains the '@' character. HOT 1
- Feature request: animated AVIF HOT 4
- Allow gravity to be relative HOT 4
- Will chrome automatically convert webp to avif? HOT 2
- GIF: 250 frames gifs exceed 30s processing limit enforced by CDN HOT 5
- Feature request: Video thumbnail tile behaviour HOT 1
- Provide a more detailed error message why local:// is not available when IMGPROXY_LOCAL_FILESYSTEM_ROOT is not set
- GIF gint is invalid or out of range HOT 2
- Can't connect to firebase local emulator
- Priority of /format: %format/ and @ HOT 1
- Crop Area with focus point HOT 5
- Im Confused on how to code HOT 4
- ThumbHash support HOT 3
- Can warning logs `Recursive preset usage is detected: default` be suppressed? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from imgproxy.