server-configs/nginx/h5bp/directive-only/cross-domain-insecure.conf

# Cross domain AJAX requests

# http://www.w3.org/TR/cors/#access-control-allow-origin-response-header

# **Security Warning**
# Do not use this without understanding the consequences.
# This will permit access from any other website.
#
add_header "Access-Control-Allow-Origin" "*";

# Instead of using this file, consider using a specific rule such as:
#
# Allow access based on [sub]domain:
#    add_header "Access-Control-Allow-Origin" "subdomain.example.com";
Add gzip and h5bp configuration to the nginx config 2016-05-30 20:18:10 -04:00			`# Cross domain AJAX requests`

			`# http://www.w3.org/TR/cors/#access-control-allow-origin-response-header`

			`# Security Warning`
			`# Do not use this without understanding the consequences.`
			`# This will permit access from any other website.`
			`#`
			`add_header "Access-Control-Allow-Origin" "*";`

			`# Instead of using this file, consider using a specific rule such as:`
			`#`
			`# Allow access based on [sub]domain:`
			`# add_header "Access-Control-Allow-Origin" "subdomain.example.com";`