3

我一直在 nginx 中搜索 CORS request conf 并得到了这个配置:

server {
listen      80;
server_name apibackend;
root        /mnt/www/apibackend/public;
access_log  /var/log/nginx/apibackend.access.log;
error_log   /var/log/nginx/apibackend.error.log;

# serve static files directly
location ~* \.(jpg|jpeg|gif|css|png|js|ico|html)$ {
    access_log off;
    expires max;
}

location /{
    index  index.html index.htm index.php; #try static .html file first
    try_files $uri $uri/ /index.php?q=$uri&$args;
} 

# catch all
error_page      404 /index.php;

location ~ \.php$ {
    add_header 'Access-Control-Allow-Origin' "*";
    add_header 'Access-Control-Allow-Credentials' 'true';
    add_header 'Access-Control-Max-Age' 1728000;
    add_header 'Access-Control-Allow-Methods' 'GET, POST, UPDATE, DELETE, OPTIONS';
    add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';
    add_header 'Content-Length' 0;
    add_header 'Content-Type' 'text/plain charset=UTF-8';

    include                             /etc/nginx/fastcgi_params;
    fastcgi_index                       index.php;
    fastcgi_pass                        127.0.0.1:9000;
    fastcgi_split_path_info             ^(.+\.php)(/.+)$;
    fastcgi_param PATH_INFO             $fastcgi_path_info;
    fastcgi_param PATH_TRANSLATED       $document_root$fastcgi_path_info;
    fastcgi_param SCRIPT_FILENAME       $document_root$fastcgi_script_name;
}

}

当我直接从浏览器访问它时,一切都很好,我添加的标题在这里:

HTTP/1.1 200 OK
Server: nginx/1.4.0
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.10-1ubuntu3.6
Set-Cookie: laravel_session=7o4v2fiu460q9p9h2hfo9lpnv6; expires=Mon, 27-May-2013 17:03:02 GMT; path=/
Cache-Control: no-cache
Date: Mon, 27 May 2013 15:03:02 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, UPDATE, DELETE, OPTIONS
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Access-Control-Allow-Headers: Authorization
Content-Encoding: gzip

但是,当我从另一个域(angularJS 应用程序)上的应用程序访问它时,标题不会出现!

Connection:keep-alive
Content-Type:text/html
Date:Mon, 27 May 2013 15:03:12 GMT
Server:nginx/1.4.0
Set-Cookie:laravel_session=k9bastale5kuo0afndbp261025; expires=Mon, 27-May-2013 17:03:12 GMT; path=/; HttpOnly
Transfer-Encoding:chunked
X-Powered-By:PHP/5.3.10-1ubuntu3.6

然后,我有一个错误:

OPTIONS apibackend 500 (Internal Server Error) angular.min.js:99
OPTIONS apibackend Origin angularapp is not allowed by Access-Control-Allow-Origin. angular.min.js:99
XMLHttpRequest cannot load apibackend. Origin angularapp is not allowed by Access-Control-Allow-Origin.

我一直在尝试,但没有留下任何线索。

谢谢你的帮助!

4

1 回答 1

1

首先,Nginx 的传统 add_header 指令不适用于 4xx 响应。由于我们仍然想向它们添加自定义标头,我们需要安装 ngx_headers_more 模块才能使用 more_set_headers 指令,该指令也适用于 4xx 响应。

虽然文档建议使用该模块构建 Nginx 源代码,但如果您使用的是 Debian 发行版,您实际上可以使用 nginx-extras 包轻松安装它:

sudo apt-get install nginx-extras

例如,使用 CORS 处理:

more_set_headers 'Access-Control-Allow-Origin: $http_origin';
more_set_headers 'Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE, HEAD';
more_set_headers 'Access-Control-Allow-Credentials: true';
more_set_headers 'Access-Control-Allow-Headers: Origin,Content-Type,Accept,Authorization';

location / {
    if ($request_method = 'OPTIONS') {
        more_set_headers 'Access-Control-Allow-Origin: $http_origin';
        more_set_headers 'Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE, HEAD';
        more_set_headers 'Access-Control-Max-Age: 1728000';
        more_set_headers 'Access-Control-Allow-Credentials: true';
        more_set_headers 'Access-Control-Allow-Headers: Origin,Content-Type,Accept,Authorization';
        more_set_headers 'Content-Type: text/plain; charset=UTF-8';
        more_set_headers 'Content-Length: 0';
        return 204;
    }
    try_files $uri $uri/ /index.php?$query_string;
}
于 2021-03-30T18:00:47.027 回答