NutzCN Logo
分享 nginx里配置跨域
发布于 3235天前 作者 wendal 4024 次浏览 复制 上一个帖子 下一个帖子
标签: nginx 跨域
    if ($request_method = OPTIONS ) {
        add_header Access-Control-Allow-Origin "*";
        add_header Access-Control-Allow-Methods "GET, OPTIONS, POST, GET";
        add_header Access-Control-Allow-Headers $http_access_control_request_headers;
        add_header Access-Control-Allow-Credentials "true";
        add_header Content-Length 0;
        add_header Content-Type text/plain;
        return 200;
    }
    if ($request_method != OPTIONS ) {
        add_header Access-Control-Allow-Origin "*";
        add_header Access-Control-Allow-Credentials "true";
    }

14 回复

我配置nutzwk open api的时候 遇到这个问题。如果使用了反向代理怎么处理呢?

No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://192.168.40.231:8080' is therefore not allowed access.
原配置


location / { proxy_pass http://nutz; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; } } upstream nutz{ server 127.0.0.1:8080; keepalive 65; }

访问的是8080?? 不是nginx的80?

访问的是 80 反向代理到 8080

但这里报的是8080呢, Chrome控制台看看请求到哪里去了

8080是我本机开发环境。

我在开发环境一个项目中,调用线上的api接口,然后提示线上的服务,禁止跨域访问

那,我写的那段代码,你贴在nginx.conf的什么地方了?

@wendal 在location /{} 里面

来自炫酷的 NutzCN

执行一下curl,贴一下头部的输出

curl -v http://xxx.x.x..x.x/yyyyy

curl -v https://***.***.com/

> GET / HTTP/1.1
> Host: **.***.com
> User-Agent: curl/7.50.3
> Accept: */*
> 
< HTTP/1.1 302 Found
< Server: nginx
< Date: Mon, 31 Oct 2016 01:10:56 GMT
< Content-Length: 0
< Connection: keep-alive
< X-Powered-By: nutz/1.r.58 <nutzam.com>
< Location: http://***.****.com/sysadmin
< Strict-Transport-Security: max-age=15768000

我用过滤器的方式解决了。。有时间在配置nginx吧

GlobalsSettingProcessor

ac.getResponse().addHeader("Access-Control-Allow-Origin", "*");

收藏了

    if ($request_method = OPTIONS ) {
        add_header Access-Control-Allow-Origin "*";
        add_header Access-Control-Allow-Methods "GET, OPTIONS, POST, GET";
        add_header Access-Control-Allow-Headers $http_access_control_request_headers;
        add_header Access-Control-Allow-Credentials "true";
        add_header Content-Length 0;
        add_header Content-Type text/plain;
        return 200;
    }
    if ($request_method != OPTIONS ) {
        add_header Access-Control-Allow-Origin "*";
        add_header Access-Control-Allow-Credentials "true";
    }
添加回复
请先登陆
回到顶部