if ($request_method = OPTIONS ) {
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Allow-Methods "GET, OPTIONS, POST, GET";
add_header Access-Control-Allow-Headers $http_access_control_request_headers;
add_header Access-Control-Allow-Credentials "true";
add_header Content-Length 0;
add_header Content-Type text/plain;
return 200;
}
if ($request_method != OPTIONS ) {
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Allow-Credentials "true";
}
14 回复
我配置nutzwk open api的时候 遇到这个问题。如果使用了反向代理怎么处理呢?
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://192.168.40.231:8080' is therefore not allowed access.
原配置
location / {
proxy_pass http://nutz;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
}
}
upstream nutz{
server 127.0.0.1:8080;
keepalive 65;
}
访问的是 80 反向代理到 8080
访问的 443
走https
8080是我本机开发环境。
我在开发环境一个项目中,调用线上的api接口,然后提示线上的服务,禁止跨域访问
curl -v https://***.***.com/
> GET / HTTP/1.1
> Host: **.***.com
> User-Agent: curl/7.50.3
> Accept: */*
>
< HTTP/1.1 302 Found
< Server: nginx
< Date: Mon, 31 Oct 2016 01:10:56 GMT
< Content-Length: 0
< Connection: keep-alive
< X-Powered-By: nutz/1.r.58 <nutzam.com>
< Location: http://***.****.com/sysadmin
< Strict-Transport-Security: max-age=15768000
我用过滤器的方式解决了。。有时间在配置nginx吧
GlobalsSettingProcessor
ac.getResponse().addHeader("Access-Control-Allow-Origin", "*");
收藏了
if ($request_method = OPTIONS ) {
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Allow-Methods "GET, OPTIONS, POST, GET";
add_header Access-Control-Allow-Headers $http_access_control_request_headers;
add_header Access-Control-Allow-Credentials "true";
add_header Content-Length 0;
add_header Content-Type text/plain;
return 200;
}
if ($request_method != OPTIONS ) {
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Allow-Credentials "true";
}