Question

挣扎着一个奇怪的问题。我已经安装了nginx并使用fpm使用PHP7提供页面而没有问题。但是，当angular发出导致4xx或5xx响应代码的CORS请求时，不会发送CORS头，也不会发送任何正文/内容。

server {
    listen 80 default_server;
    listen [::]:80 default_server ipv6only=on;

    root /var/www/api/current/public;
    index index.php index.html index.htm;

    # Make site accessible from http://localhost/
    server_name xxx.xxx.xxx.xxx api.mydomain.com;

    location / {
        # First attempt to serve request as file, then
        try_files $uri $uri/ /api.php?$query_string;
    }

    client_max_body_size 100m;

    proxy_intercept_errors off;

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    location ~ \.php$ {
        #try_files $uri /api.php?query_string =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_buffer_size 16k;
        fastcgi_buffers 4 16k;
        fastcgi_intercept_errors off;
        include fastcgi_params;


        if ($request_method = POST) {
            add_header 'Access-Control-Allow-Origin' "$http_origin";
            add_header 'Access-Control-Allow-Credentials' 'true';
            add_header 'Access-Control-Expose-Headers' "X-AuthToken";
            add_header 'Access-Control-Expose-Headers' "X-TemporaryPassword";

        }

        if ($request_method = GET) {
            add_header 'Access-Control-Allow-Origin' "$http_origin";
            add_header 'Access-Control-Allow-Credentials' 'true';
            add_header 'Access-Control-Expose-Headers' "X-AuthToken";
        }

        if ($request_method = QUERY) {
            add_header 'Access-Control-Allow-Origin' "$http_origin";
            add_header 'Access-Control-Allow-Credentials' 'true';
            add_header 'Access-Control-Expose-Headers' "X-AuthToken";
        }

        if ($request_method = DELETE) {
            add_header 'Access-Control-Allow-Origin' "$http_origin";
            add_header 'Access-Control-Allow-Credentials' 'true';
            add_header 'Access-Control-Expose-Headers' "X-AuthToken";
        }

        if ($request_method = PATCH) {
            add_header 'Access-Control-Allow-Origin' "$http_origin";
            add_header 'Access-Control-Allow-Credentials' 'true';
            add_header 'Access-Control-Expose-Headers' "X-AuthToken";
        }

        if ($request_method = OPTIONS) {
            add_header 'Access-Control-Allow-Origin' "$http_origin";
            add_header 'Access-Control-Allow-Credentials' 'true';

            add_header 'Access-Control-Max-Age' 1728000; # cache preflight value for 20 days
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE, QUERY, PATCH';
            add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-AuthToken';

            add_header 'Content-Length' 0;
            add_header 'Content-Type' 'text/plain charset=UTF-8';
            return 204;
        }

    }

}

Answer 1

nginx似乎没有在http错误代码上发送自定义标头。将我的nginx更新为1.8.x，以便我可以在add_header上使用第三个标志：always。

add_header 'Access-Control-Allow-Origin' "$http_origin" always;

这就是诀窍。

NGINX php7.0没有从CORS请求发送错误代码的正文

1 个答案: