From: Christopher F. <chr...@ca...> - 2012-11-15 14:55:35
|
On 14/11/2012 22:42, Ian wrote: > On most of my sites, the dynamic content comes from the www. subdomain > while the static content is served from (cookieless) static. subdomain > but this is effectively cross-site and can cause problems for certain > file types if Access-Control-Allow-Origin headers are not set. > > I'm achieving it under Apache with the following in the .htaccess file: > > <FilesMatch "\.(eot|woff|ttf|svg)$"> > <IfModule mod_headers.c> > SetEnvIf Origin > "^http(s)?://(.+\.)?(domain\.tld|domain\.tld\.local)$" origin_is=$0 > Header set Access-Control-Allow-Origin %{origin_is}e env=origin_is > </IfModule> > </FilesMatch> > > Can anyone tell me how this is to be done under YAWS? > You could achieve this using an appmod on '/' that will proxify all your calls: -module(my_appmod). -export([out/1]). out(Arg) -> {abs_path, Path} = yaws_api:http_request_path(yaws_api:arg_req(Arg)), Hdrs = yaws_api:arg_headers(Arg), case yaws_api:get_header(Hdrs, "Origin") of undefined -> {page, Path}; Origin -> RE = "^http(s)?://(.+\.)?(domain\.tld|domain\.tld\.local)$", case re:run(Origin, RE, [{capture, none}]) of match -> Opts = [{header, {"Access-Control-Allow-Origin", Origin}}], {page, {Opts, Path}}; nomatch -> {page, Path} end end. Then by adding following line in your vhost configuration, this will do what you want: <server www.domain.tld> ... appmods = </, my_appmod> ... </server> Note: If you use this method, you can have only one appmod. -- Christopher |