Question

当前的nginx配置：

server {
    listen hidden:80;
    server_name dev.hidden.com;
    root /var/www/back/hidden-api;


    location / {
        add_header 'Access-Control-Allow-Origin' "$http_origin" always;
        add_header 'Access-Control-Allow-Credentials' 'true' always;
        add_header 'Access-Control-Allow-Headers' "Origin, X-Requested-With, Content-Type, Accept" always;

        proxy_pass http://localhost:8081;
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

}

那只是没有尝试，但是错误仍然存在：

Access to XMLHttpRequest at 'http://dev.hidden.com/usr/register/do' from origin 'http://front.hidden.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.

Answer 1

您能否尝试在位置块内的配置中添加以下内容：

if ($request_method = 'OPTIONS') {
        add_header 'Access-Control-Allow-Origin' "$http_origin" always;
        add_header 'Access-Control-Allow-Credentials' 'true' always;
        add_header 'Access-Control-Allow-Headers' "Origin, X-Requested-With, Content-Type, Accept" always;
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
        add_header 'Access-Control-Max-Age' 1728000;
        add_header 'Content-Type' 'text/plain; charset=utf-8';
        add_header 'Content-Length' 0;
        return 204;
     }

有关CORS Preflight检查的更多信息，请参见https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#Preflighted_requests。

Nginx。被CORS政策封锁

1 个答案: