jyyan · November 1, 2018 18:36
diff --git a/nginx_cors_s3_upload_proxy_full b/nginx_cors_s3_upload_proxy_full
 # DO NOT RESPOND TO REQUESTS OTHER THAN yourdomain.com
 server {
    listen       80  default;
    server_name  _;
    return       444;
 }

 # FILE UPLOADS
 server {
        listen   80;
        server_name  yourdomain.com www.yourdomain.com;

        access_log  /var/log/nginx/s3uploadproxy.access.log;
        error_log /var/log/nginx/s3uploadproxy.error.log;

        proxy_read_timeout 10;
        proxy_connect_timeout 10;
        # allow big files...
        client_max_body_size 30M;
        # and slow uploads
        proxy_send_timeout 1200;

        # Deny illegal Host headers
        if ($host !~* ^(yourdomain.com|www.yourdomain.com)$ ) {
                return 444;
        }

        # dissalow methods
        if ($request_method !~ ^(OPTIONS|POST)$ ) {
                # empty response
                return 444;
        }

        location / {

                # CORS PRE-FLIGHT REQUESTS
                if ($request_method = 'OPTIONS') {
                        more_set_headers 'Access-Control-Allow-Origin: *';
                        more_set_headers 'Access-Control-Allow-Methods: POST, OPTIONS';
                        more_set_headers 'Access-Control-Max-Age: 1728000';
                        more_set_headers 'Content-Type: text/plain; charset=UTF-8';
                        #more_set_headers 'Access-Control-Allow-Headers: ';
                        return 200;
                }

                # FILE UPLOADS
                if ($request_method = 'POST') {
                        more_set_headers 'Access-Control-Allow-Origin: *';
                        proxy_pass http://your-s3-bucket;
                }
        }

        # 204 (No Content) for favicon.ico
        location = /favicon.ico {
                #empty_gif;
                return 204;
        }
 }
	# DO NOT RESPOND TO REQUESTS OTHER THAN yourdomain.com
	server {
	listen 80 default;
	server_name _;
	return 444;
	}

	# FILE UPLOADS
	server {
	listen 80;
	server_name yourdomain.com www.yourdomain.com;

	access_log /var/log/nginx/s3uploadproxy.access.log;
	error_log /var/log/nginx/s3uploadproxy.error.log;

	proxy_read_timeout 10;
	proxy_connect_timeout 10;
	# allow big files...
	client_max_body_size 30M;
	# and slow uploads
	proxy_send_timeout 1200;

	# Deny illegal Host headers
	if ($host !~* ^(yourdomain.com\|www.yourdomain.com)$ ) {
	return 444;
	}

	# dissalow methods
	if ($request_method !~ ^(OPTIONS\|POST)$ ) {
	# empty response
	return 444;
	}

	location / {

	# CORS PRE-FLIGHT REQUESTS
	if ($request_method = 'OPTIONS') {
	more_set_headers 'Access-Control-Allow-Origin: *';
	more_set_headers 'Access-Control-Allow-Methods: POST, OPTIONS';
	more_set_headers 'Access-Control-Max-Age: 1728000';
	more_set_headers 'Content-Type: text/plain; charset=UTF-8';
	#more_set_headers 'Access-Control-Allow-Headers: ';
	return 200;
	}

	# FILE UPLOADS
	if ($request_method = 'POST') {
	more_set_headers 'Access-Control-Allow-Origin: *';
	proxy_pass http://your-s3-bucket;
	}
	}

	# 204 (No Content) for favicon.ico
	location = /favicon.ico {
	#empty_gif;
	return 204;
	}
	}