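REST API Direct vs Nginx proxy

Time: 2019-03-02 08:28:41

Tags: nginx cors

I am new to nginx and CORS, and I am finding it challenging to get this right.

I have REST services hosted on a server that blocks CORS, so I installed nginx to proxy the REST calls. What works:

With CORS enabled:
  1. REST API calls (from Angular code) to the backend server
  2. REST API calls from Chrome to the frontend nginx server with CORS enabled

What does not work: REST API calls (from Angular code) to the frontend nginx

I think the CORS part is working, because I no longer see that error, but the Angular response is empty.

For the above scenario, I tried both the GET and POST methods. Even on failure, the response code is 200 OK.

Here is the nginx conf: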

upstream myserver {
    server      myserver.com:8443;
}

server {
    listen       443 ssl;
    listen       [::]:443 ssl;
    server_name  myserver.com;
    ssl_certificate     /some.crt;
    ssl_certificate_key /some.key;

    location /rest-service/ {
        # Simple requests
        if ($request_method ~* "(GET|POST)") {
            add_header "Access-Control-Allow-Origin"  *;
        }

        # Preflighted requests
        if ($request_method = OPTIONS ) {
            add_header "Access-Control-Allow-Origin"  *;
            add_header "Access-Control-Allow-Methods" "GET, POST, OPTIONS, HEAD";
            add_header "Access-Control-Allow-Headers" "Authorization, Origin, X-Requested-With, Content-Type, Accept";
            return 200;
        }

        proxy_pass_header       Server;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Scheme $scheme;
        proxy_set_header        X-NginX-Proxy true;
        proxy_connect_timeout   5;
        proxy_read_timeout      240;
        proxy_intercept_errors  on;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_redirect off;
        proxy_pass                      https://myserver/rest-service/;
        proxy_ssl_trusted_certificate   /some.pem;
        proxy_ssl_verify                off;
        proxy_ssl_session_reuse         on;

    }
}

Here is the Angular/TypeScript code (running from localhost):

  ngOnInit() {
    // Use the local constant; the component has no `url` property to read via `this`.
    const url = 'https://myserver.com/rest-service/login?login=admin&password=password';
    this.http.get(url).subscribe((response) => { console.log(response); });
  }

1 answer:

Answer 0 (score: 0)

I think I have solved this problem and am posting it here; I hope it helps someone else.

The following works:

    if ($request_method = 'OPTIONS') {
        add_header 'Access-Control-Allow-Origin' 'http://localhost:4200' always;
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
        add_header 'Access-Control-Allow-Headers' 'Origin,Keep-Alive,User-Agent,Cache-Control,Content-Type,Accept' always;
        add_header 'Access-Control-Max-Age' 1728000;
        add_header 'Content-Type' 'text/plain; charset=UTF-8';
        add_header 'Content-Length' 0;
        return 204;
    }
    if ( $request_method = 'GET' ) {
        add_header 'Access-Control-Allow-Origin' 'http://localhost:4200' always;
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
        add_header 'Access-Control-Allow-Headers' 'Origin,Keep-Alive,User-Agent,Cache-Control,Content-Type,Accept' always;
        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
    }
    if ( $request_method = 'POST' ) {
        add_header 'Access-Control-Allow-Origin' 'http://localhost:4200' always;
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
        add_header 'Access-Control-Allow-Headers' 'Origin,Keep-Alive,User-Agent,Cache-Control,Content-Type,Accept' always;
        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
    }
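
An added example, not part of the original answer or the poster's configuration: one way to consolidate the answer's three `if` blocks into a single origin allow-list, while also turning on verification of the backend certificate that the question's config disables. Host names and file paths are the question's placeholders; placing `map` in the `http` context and the backend certificate being issued for `myserver.com` are assumptions.

```nginx
# Added example. Names and paths are the question's placeholders.

# http context: echo the Origin back only when it is on the allow-list.
map $http_origin $cors_origin {
    default                  "";
    "http://localhost:4200"  $http_origin;
}

upstream myserver {
    server myserver.com:8443;
}

server {
    listen       443 ssl;
    listen       [::]:443 ssl;
    server_name  myserver.com;
    ssl_certificate     /some.crt;
    ssl_certificate_key /some.key;

    location /rest-service/ {
        # add_header skips an empty value, so an unlisted origin gets no
        # Access-Control-Allow-Origin. "always" also covers 4xx/5xx responses.
        add_header Access-Control-Allow-Origin   $cors_origin always;
        add_header Vary                          Origin always;
        add_header Access-Control-Allow-Methods  "GET, POST, OPTIONS" always;
        add_header Access-Control-Allow-Headers  "Origin,Keep-Alive,User-Agent,Cache-Control,Content-Type,Accept" always;
        add_header Access-Control-Expose-Headers "Content-Length,Content-Range" always;

        # Preflight: no add_header inside this block, so the location-level
        # headers above still apply to the 204.
        if ($request_method = OPTIONS) {
            return 204;
        }

        proxy_set_header Host            $http_host;
        proxy_set_header X-Real-IP       $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass https://myserver/rest-service/;

        # Verify the backend certificate. The default name checked is
        # $proxy_host (the upstream name "myserver"), so set it explicitly.
        proxy_ssl_verify              on;
        proxy_ssl_trusted_certificate /some.pem;
        proxy_ssl_name                myserver.com;
        proxy_ssl_server_name         on;
    }
}
```

`nginx -t` validates the syntax before a reload; an `add_header` placed inside the `if` block would stop the location-level headers from being inherited there.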