CORS Error When Using xAccelRedirect On "Direct" File Servers
Issue:
When using "direct" file server storage with xAccelRedirect enabled, you see an error in the browser console similar to the following:
Access to audio at 'https://yoursite.com/5Yta/Ek_miss_jou.mp3?download_token=7b946cca1799b554de0fc471e90b861e24ee2af9378ed67b62938eaa7bfb6653' from origin 'https://yoursite.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Fix:
On certain versions of Nginx, the custom headers set by the script are removed. You can fix this by adding them to the Nginx config file, the same place as your rewrite rules for the Yetishare script. On your file server(s) in:
/home/admin/conf/web/fs1.yoursite.com/nginx.conf_yetishare
Replace the /files/ section with:
location /files/ {
# support cross domain requests (CORS), needed when xAccelRedirect is enabled on file servers
add_header Access-Control-Allow-Origin https://yoursite.com;
add_header Access-Control-Allow-Headers "Content-Type, Content-Range, Content-Disposition, Content-Description";
add_header Access-Control-Allow-Credentials true;
internal;
}
Ensure you replace yoursite.com with your domain name and restart Nginx.