nginx里配置跨域

时间:2024-10-08 08:05:13
发布于 881天前  作者 wendal  1404 次浏览  复制  上一个帖子  下一个帖子
 标签: nginx 跨域
    if ($request_method = OPTIONS ) {
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Allow-Methods "GET, OPTIONS, POST, GET";
add_header Access-Control-Allow-Headers $http_access_control_request_headers;
add_header Access-Control-Allow-Credentials "true";
add_header Content-Length 0;
add_header Content-Type text/plain;
return 200;
}
if ($request_method != OPTIONS ) {
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Allow-Credentials "true";
}
14 回复

我配置nutzwk open api的时候 遇到这个问题。如果使用了反向代理怎么处理呢?

No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://192.168.40.231:8080' is therefore not allowed access.
原配置


location / {
proxy_pass http://nutz;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
} }
upstream nutz{ server 127.0.0.1:8080;
keepalive 65;
}

访问的是8080?? 不是nginx的80?

访问的是 80 反向代理到 8080

访问的 443

但这里报的是8080呢, Chrome控制台看看请求到哪里去了

8080是我本机开发环境。

我在开发环境一个项目中,调用线上的api接口,然后提示线上的服务,禁止跨域访问

那,我写的那段代码,你贴在nginx.conf的什么地方了?

@wendal 在location /{} 里面

来自炫酷的 NutzCN

执行一下curl,贴一下头部的输出

curl -v http://xxx.x.x..x.x/yyyyy

curl -v https://***.***.com/

> GET / HTTP/1.1
> Host: **.***.com
> User-Agent: curl/7.50.3
> Accept: */*
>
< HTTP/1.1 302 Found
< Server: nginx
< Date: Mon, 31 Oct 2016 01:10:56 GMT
< Content-Length: 0
< Connection: keep-alive
< X-Powered-By: nutz/1.r.58 <nutzam.com>
< Location: http://***.****.com/sysadmin
< Strict-Transport-Security: max-age=15768000

我用过滤器的方式解决了。。有时间在配置nginx吧

GlobalsSettingProcessor

ac.getResponse().addHeader("Access-Control-Allow-Origin", "*");

收藏了

    if ($request_method = OPTIONS ) {
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Allow-Methods "GET, OPTIONS, POST, GET";
add_header Access-Control-Allow-Headers $http_access_control_request_headers;
add_header Access-Control-Allow-Credentials "true";
add_header Content-Length 0;
add_header Content-Type text/plain;
return 200;
}
if ($request_method != OPTIONS ) {
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Allow-Credentials "true";
}