How to make nginx CORS configuration work when server returns error?
Since version 1.7.5 you can use the always
keyword to return the headers regardless of the response code:
add_header 'Access-Control-Allow-Origin' '*' always;
http://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header
This has been answered before: https://serverfault.com/questions/431274/nginx-services-fails-for-cross-domain-requests-if-the-service-returns-error.
add-header
doesn't work with HTTP errors, but the optional headers_more module can be used to workaround this limitation.