Nginx.被CORS政策封锁 [英] Nginx. Blocked by CORS policy
本文介绍了Nginx.被CORS政策封锁的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
当前的nginx配置:
Current nginx config:
server {
listen hidden:80;
server_name dev.hidden.com;
root /var/www/back/hidden-api;
location / {
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Headers' "Origin, X-Requested-With, Content-Type, Accept" always;
proxy_pass http://localhost:8081;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
那只是没有尝试,但是错误仍然存在:
That just did not try, but the error remains the following:
Access to XMLHttpRequest at 'http://dev.hidden.com/usr/register/do' from origin 'http://front.hidden.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.
推荐答案
是否可以尝试在位置块内的配置中添加以下内容:
Can you try to add the following to your config inside the location block:
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Headers' "Origin, X-Requested-With, Content-Type, Accept" always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain; charset=utf-8';
add_header 'Content-Length' 0;
return 204;
}
请参见 https://developer.mozilla.org/zh-CN/docs/Web/HTTP/CORS#Preflighted_requests 了解有关CORS Preflight检查的更多信息.
See https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#Preflighted_requests for more information about CORS Preflight checks.
这篇关于Nginx.被CORS政策封锁的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文