我正在尝试设置CORS以与Node中的Socket IO一起使用。很遗憾,该请求一直被Chrome取消:
GET https://example.com/zebra/8601/socket.io/1/?key=example123&t=1377831596484 HTTP/1.1
Origin: https://example.io
Referer: https://example.io/example
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.57 Safari/537.36
如果我在新标签中打开网址,我会得到更好的回复:
HTTP/1.1 200 OK
Server: nginx/1.4.1
Date: Fri, 30 Aug 2013 03:00:12 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,Referer,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
虽然这是一个实际的跨源请求,但它只是失败了。
Nginx配置如下:
location ~ ^/zebra/(\d+)(?:/(.*))?$ {
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Credentials true;
add_header Access-Control-Allow-Methods "GET, PUT, POST, OPTIONS";
add_header Access-Control-Allow-Headers "Authorization,Content-Type,Accept,Origin,Referer,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since";
}
如何配置以使其与CORS一起使用?
答案 0 :(得分:1)
因此,解决方案是确保我们在Node JS端正确配置此Socket IO设置:
io.configure(function() {
io.set('origins', '*:*');
});
..然后不在Nginx端使用CORS做任何时髦的事情, at all 。
从Nginx配置中删除所有add_header Access-Control-Allow次出现已经成功了。