Who and why / why not use nginx on top of ring server?

Personally I am thinking about it because of CORS purpose, but on the other hand maybe it is better to implement it in the app. Not sure.

I know we have https://github.com/r0man/ring-cors but it just doesn’t work for me. Nothing is happening.

(wrap-cors :access-control-allow-origin [#""]
                 :access-control-allow-headers ["Content-Type" "User-Agent"]
                 :access-control-allow-methods [:options :get :post])

curl -v -i -H "Origin: " -X DELETE                  Tue Apr  2 16:23:06 2019
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to dev.localhost (127.0.0.1) port 8080 (#0)
> DELETE /authorize HTTP/1.1
> Host: dev.localhost:8080
> User-Agent: curl/7.54.0
> Accept: */*
> Origin: 
>
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
< Set-Cookie: auth-session=4594d762-8b71-42ed-bdb1-a27575410196;Path=/;HttpOnly
Set-Cookie: auth-session=4594d762-8b71-42ed-bdb1-a27575410196;Path=/;HttpOnly
< Content-Length: 3
Content-Length: 3
< Server: http-kit
Server: http-kit
< Date: Tue, 02 Apr 2019 14:23:33 GMT
Date: Tue, 02 Apr 2019 14:23:33 GMT

<
* Connection #0 to host dev.localhost left intact
foo⏎

it should be rejected, because :delete is not in allowed methods

It doesn’t add headers with -X OPTIONS

(ring.middleware.cors/allow-request? {:headers {"origin" ""}
                                        :request-method :options}
                                       {:access-control-allow-origin [#""]
                                        ;:access-control-allow-headers #{"Content-Type" "User-Agent"}
                                        :access-control-allow-methods #{:options :get :post}
                                        })

oh I see, it looks like ring-cors use forbidden header access-control-request-method

solved…. well, it will be easier to write my own wrapper on this

or use nginx on top of ring, because of no good support for this. What is your choice?

well… probably I will do it on nginx 🙂