Linux
Nginx
Nginx 跨域问题处理

Nginx 跨域问题处理

通常来说,nginx 可通过如下配置解决跨域问题:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13

server {
    listen       80;
    server_name  xxx.kpromise.top;

    add_header Access-Control-Allow-Origin $http_origin;
    add_header Access-Control-Allow-Methods '*';
    add_header Access-Control-Allow-Credentials true;
    add_header Access-Control-Allow-Headers x-traceid,appid;

    if ($request_method = OPTIONS) {
        return 204;
    }
}

但如果上游返回了相关 header 则可能导致 header 重复反而引发跨域问题,nginx 暂时没看到 set_header,proxy_set_header 是设置请求头,是给上游服务器的,但有 proxy_hide_header,它是删除上游返回的 header,不将其返回给 client,故 nginx 做跨域,最好的办法是 add_header 和 proxy_hide_header 结合使用,举个例子:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18

server {
    listen       80;
    server_name  xxx.kpromise.top;

    add_header Access-Control-Allow-Origin $http_origin;
    add_header Access-Control-Allow-Methods '*';
    add_header Access-Control-Allow-Credentials true;
    add_header Access-Control-Allow-Headers x-traceid,appid;

    proxy_hide_header Access-Control-Allow-Origin;
    proxy_hide_header Access-Control-Allow-Methods;
    proxy_hide_header Access-Control-Allow-Credentials;
    proxy_hide_header Access-Control-Allow-Headers;

    if ($request_method = OPTIONS) {
        return 204;
    }
}
最后更新于
Nginx 转发导致死循环