CORS 和非 200 statusCode [英] CORS and non 200 statusCode

问题描述

我的 CORS 与 Nginx 配合良好.API 旨在发送非 HTTP 200 状态代码，例如，401、404 等，以防输入错误.问题是 Chrome 会在收到非 HTTP 200 状态代码时取消/中止请求.由于这个原因，我无法在 Web 客户端上显示确切的错误.

I have CORS working well with Nginx. The APIs are designed to send non HTTP 200 status code, for example, 401, 404, etc., in case of bad input. The problem is that Chrome cancels/abort the request if it receives a non HTTP 200 status code. Due to this reason, I am not able to show the exact error on the Web client.

解决 CORS 非 200 状态代码错误的方法是什么?

What is the way around for CORS non 200 status code errors?

推荐答案

默认情况下，Nginx 只为它认为成功的请求添加标头.您可以通过将 always 参数添加到您的 add_header 指令，例如

By default Nginx only adds headers for requests it considers successful. You can make it add the header without regard for the response code, by adding the always parameter to your add_header directive, e.g.

add_header 'Access-Control-Allow-Origin' '*' always;

将 always 参数添加到 Access-Control-Allow-Origin 标头是不够的.always 参数需要添加到需要始终添加的标题中.在某些情况下，您需要将 always 参数添加到 Access-Control-Allow-Credentials 标头中.

Adding the always parameter to the Access-Control-Allow-Origin header is not enough. The always parameter needs to be added to the headers that need to be always added. In some cases, you will need to add the always parameter to the Access-Control-Allow-Credentials header.

add_header 'Access-Control-Allow-Credentials' 'true' always;

这篇关于CORS 和非 200 statusCode的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！