nginx 动态跨域配置

时间:2021-10-15 05:40:30

方法一:

server {
.....
set $cors_origin "";
if ($http_origin ~* "a.xxxx.com") {
set $cors_origin $http_origin;
}
if ($http_origin ~* "b.xxxx.com") {
set $cors_origin $http_origin;
}
if ($http_origin ~* "c.xxxx.com") {
set $cors_origin $http_origin;
}
add_header 'Access-Control-Allow-Origin' $cors_origin;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Headers' 'X-Requested-With';
.....
}

方法二:

map $http_origin $cors_origin{
default 0;
"~http://a.xxxx.com" http://a.xxxx.com;
"~http://b.xxxx.com" http://b.xxxx.com;
"~http://b.xxxx.com" http://b.xxxx.com;
} server
{
.....
location / {
add_header 'Access-Control-Allow-Origin' $cors_origin;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Headers' 'X-Requested-With';
}
.....
}

方法三:

server
{
.....
location / {
if ( $http_origin ~ (.*).xxxxx.com ) {
add_header Access-Control-Allow-Origin $http_origin;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Headers' 'X-Requested-With';
}
.....
}

但上面的方法,在CDN场景下好像没作用。

参考:https://www.cnblogs.com/sunmmi/articles/5956554.html