Iframe 401 Unauthorized NGINX 3CX
我想在我的网站中使用iframe 3CX webclient。这个iframe在Firefox和Internet Explorer上运行正常但在Chrome上不起作用(iframe出现但我无法登录)。当我在Chrome上访问控制台时,错误是:
“无法加载资源:服务器响应的状态为401 (Unautorized)”。
当我进入网络标签时, xhr 文件为红色,这是捕获文件标题错误:
我拥有此3CX服务器的每个文件。正如您所看到的,3CX使用Nginx,这是Nginx的配置文件:
#user nobody;
worker_processes auto;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 10240;
}
http {
map $http_upgrade $connection_upgrade {
default upgrade;
'' $http_connection;
}
include mime.types;
default_type application/octet-stream;
#limit_req_zone $binary_remote_addr zone=perip:50m rate=1000r/s;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
add_header X-Frame-Options "SAMEORIGIN";
listen 5000;
listen [::]:5000;
server_name gesika.3cx.fr;
server_tokens off;
access_log off;
error_log nul crit;
allow 192.168.0.0/16;
allow 172.16.0.0/12;
allow 10.0.0.0/8;
allow 127.0.0.1;
allow ::0/0;
deny all;
client_max_body_size 300m;
location /user_images {
expires 1y;
add_header Pragma public;
add_header Cache-Control "public";
root "C:/ProgramData/3CX/Data/Http/wwwroot";
}
location ~ /webclient/.*\.(js|css|woff|woff2|json|mp3)$ {
expires 1y;
add_header Pragma public;
add_header Cache-Control "public";
root "C:/ProgramData/3CX/Data/Http/wwwroot";
}
location ~ index\.html {
add_header Cache-Control "no-cache, no-store, must-revalidate";
add_header Pragma no-cache;
expires 0;
root "C:/ProgramData/3CX/Data/Http/wwwroot";
}
location / {
index index.html;
root C:/ProgramData/3CX/Data/Http/wwwroot;
try_files $uri $uri/ @proxy;
}
location /MyPhone {
alias C:/ProgramData/3CX/Instance1/Data/Http/Interface/MyPhone;
try_files $uri $uri/ @proxy;
}
location @proxy {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:5004;
proxy_buffering off;
}
location /management/Reports {
alias "C:/ProgramData/3CX/Instance1/Data/Http/Reports";
}
}
server {
add_header X-Frame-Options "SAMEORIGIN";
listen 5001 ssl;
listen [::]:5001 ssl;
server_name gesika.3cx.fr;
server_tokens off;
access_log off;
error_log nul crit;
ssl_dhparam Instance1/dhparam.pem;
ssl_session_cache shared:SSL:60m;
ssl_session_timeout 1d;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security max-age=15768000;
ssl_certificate Instance1/gesika.3cx.fr-crt.pem;
ssl_certificate_key Instance1/gesika.3cx.fr-key.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:!DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!ECDHE-RSA-DES-CBC3-SHA:!ECDHE-ECDSA-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
client_max_body_size 300m;
location /user_images {
expires 1y;
add_header Pragma public;
add_header Cache-Control "public";
root "C:/ProgramData/3CX/Data/Http/wwwroot";
}
location ~ /webclient/.*\.(js|css|woff|woff2|json|mp3)$ {
expires 1y;
add_header Pragma public;
add_header Cache-Control "public";
root "C:/ProgramData/3CX/Data/Http/wwwroot";
}
location ~ index\.html {
add_header Cache-Control "no-cache, no-store, must-revalidate";
add_header Pragma no-cache;
expires 0;
root "C:/ProgramData/3CX/Data/Http/wwwroot";
}
location / {
index index.html;
root "C:/ProgramData/3CX/Data/Http/wwwroot";
try_files $uri $uri/ @proxy;
}
location /MyPhone {
alias "C:/ProgramData/3CX/Instance1/Data/Http/Interface/MyPhone";
try_files $uri $uri/ @proxy;
}
location @proxy {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:5004;
proxy_buffering off;
}
location /management/Reports {
alias "C:/ProgramData/3CX/Instance1/Data/Http/Reports";
}
}
}
正如您所看到的那样add_header X-Frame-Options "SAMEORIGIN";。我删除了这一行。我也尝试用add_header X-Frame-Options "ALLOW-FROM *";替换它,但它仍然不起作用。我没有忘记重新加载我的服务器。
我尝试在配置文件中添加它:
location ~* \.(eot|ttf|woff|woff2)$ {
add_header Access-Control-Allow-Origin *;
}
当我在3CX服务器的同一域中创建页面时,我的iframe可在Chrome上运行。所以问题在于跨域起源(CORS)。
提前感谢任何能够帮助我解决此问题的人。
1 个答案:
答案 0 :(得分:0)
更改3cx nginx conf文件夹中的共享头文件设置 您几乎没有像X框架这样的参数,并且某些祖先设置要么放置您的网站域,要么将其删除,以便允许所有人访问。
相关问题
最新问题
- 我写了这段代码,但我无法理解我的错误
- 我无法从一个代码实例的列表中删除 None 值,但我可以在另一个实例中。为什么它适用于一个细分市场而不适用于另一个细分市场?
- 是否有可能使 loadstring 不可能等于打印?卢阿
- java中的random.expovariate()
- Appscript 通过会议在 Google 日历中发送电子邮件和创建活动
- 为什么我的 Onclick 箭头功能在 React 中不起作用?
- 在此代码中是否有使用“this”的替代方法?
- 在 SQL Server 和 PostgreSQL 上查询,我如何从第一个表获得第二个表的可视化
- 每千个数字得到
- 更新了城市边界 KML 文件的来源?