我是nginx和CORS的新手,发现正确解决这一挑战具有挑战性。
我在服务器上托管了REST服务,该服务器阻止CORS,因此安装了nginx来代理REST调用。有效的方法:
什么不起作用:其余api调用(从角度代码)到前端nginx
我认为CORS部分可以正常工作,因为我不再看到该错误,但是angular响应为空。
对于上述情况,我尝试使用GET和POST方法。即使出现故障,响应代码也为200 OK。
这是nginx conf:
upstream myserver {
server myserver.com:8443;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name myserver.com;
ssl_certificate /some.crt;
ssl_certificate_key /some.key;
location /rest-service/ {
# Simple requests
if ($request_method ~* "(GET|POST)") {
add_header "Access-Control-Allow-Origin" *;
}
# Preflighted requests
if ($request_method = OPTIONS ) {
add_header "Access-Control-Allow-Origin" *;
add_header "Access-Control-Allow-Methods" "GET, POST, OPTIONS, HEAD";
add_header "Access-Control-Allow-Headers" "Authorization, Origin, X-Requested-With, Content-Type, Accept";
return 200;
}
proxy_pass_header Server;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-NginX-Proxy true;
proxy_connect_timeout 5;
proxy_read_timeout 240;
proxy_intercept_errors on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass https://myserver/rest-service/;
proxy_ssl_trusted_certificate /some.pem;
proxy_ssl_verify off;
proxy_ssl_session_reuse on;
}
}
这是角度/打字稿代码(从loaclhost运行):
ngOnInit() {
let url='https://myserver.com/rest-service/login?login=admin&password=password';
this.http.get(this.url).subscribe((response) => {console.log(response); });
}
答案 0 :(得分:0)
我想我已经解决了这个问题并将其发布在这里;希望对别人有帮助。
以下工作:
if ($request_method = 'OPTIONS') { add_header 'Access-Control-Allow-Origin' 'http://localhost:4200' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; add_header 'Access-Control-Allow-Headers' 'Origin,Keep-Alive,User-Agent,Cache-Control,Content-Type,Accept' always; add_header 'Access-Control-Max-Age' 1728000; add_header 'Content-Type' 'text/plain charset=UTF-8'; add_header 'Content-Length' 0; return 204; } if ( $request_method = 'GET' ) { add_header 'Access-Control-Allow-Origin' 'http://localhost:4200' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; add_header 'Access-Control-Allow-Headers' 'Origin,Keep-Alive,User-Agent,Cache-Control,Content-Type,Accept' always; add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range'; } if ( $request_method = 'POST' ) { add_header 'Access-Control-Allow-Origin' 'http://localhost:4200' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; add_header 'Access-Control-Allow-Headers' 'Origin,Keep-Alive,User-Agent,Cache-Control,Content-Type,Accept' always; add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range'; }