Question

目前我的这些.htaccess规则在我的Apache服务器上完美运行：

<IfModule mod_headers.c>
    SetEnvIf Origin "https://(www\.)?(domain.com|beta.domain.com|domain.loc)$" AccessControlAllowOrigin=$0
    Header set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
    Header set Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, X-CSRF-Token, X-XSRF-TOKEN"
    Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
    Header set Access-Control-Allow-Credentials true
</IfModule>

<IfModule mod_rewrite.c>
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>

最近切换到nginx的决定要求我们实现相同的目标。我仍然掌握它的内部结构，并且真的需要帮助将其转换为它的nginx配置对应物。

编辑：到目前为止我尝试了什么：

server {
    listen 80;
    listen [::]:80;
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    include snippets/self-signed.conf;
    include snippets/ssl-params.conf;

    server_name api.mydomain.loc;

    root /var/www/mydomain/api/public;

    index index.html index.htm index.php;

    location / {
        if ($http_origin ~* https://(www\.)?(mydomain.loc)) {
            add_header Access-Control-Allow-Origin $http_origin;
            add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, X-CSRF-Token, X-XSRF-TOKEN";
            add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
            add_header Access-Control-Allow-Credentials true;
        }

        if ($request_method = 'OPTIONS') {
            add_header 'Access-Control-Max-Age' 1728000;
            add_header 'Content-Type' 'text/plain charset=UTF-8';
            add_header 'Content-Length' 0;
            return 204;
        }

        try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
              try_files $uri =404;
              fastcgi_split_path_info ^(.+\.php)(/.+)$;
              fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
              fastcgi_index index.php;
              fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
              include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }
}

非常感谢帮助。

Answer 1

问题中Apache配置的最简单的nginx等价物是，只需使用add_header并将其全部包含在与if进行正则表达式匹配的$http_origin块中：

location / {   
  if ($http_origin ~* https://(www\.)?(domain.com|beta.domain.com|domain.loc)) {
    add_header Access-Control-Allow-Origin $http_origin;
    add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, X-CSRF-Token, X-XSRF-TOKEN";
    add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
    add_header Access-Control-Allow-Credentials true
  }
  # use $http_authorization to get the value of the Authorization request header
}

nginx不需要使用Apache做的额外RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]内容;而只是使用$http_authorization。

请注意variables in nginx that have names prefixed with $http_是特殊变量：

$http_name
任意请求头字段;变量名称的最后一部分是字段名称
转换为小写，短划线替换为下划线

因此$http_origin为您提供Origin请求标头的值，$http_authorization为您提供Authorization请求标头的值等。

CORS规则从Apache .htaccess转换为nginx

1 个答案: