Nginx Front-End Cross-Origin Requests (CORS)
    Nginx CORS configurations almost always look like the following two or three lines:

    add_header Access-Control-Allow-Origin *;
    add_header Access-Control-Allow-Headers X-Requested-With;
    add_header Access-Control-Allow-Methods GET,POST,OPTIONS;

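    Does this work? It does, and it used to work fine for me, but later I ran into problems: requests from some projects failed, and some browsers succeeded while others did not.
    After looking through various material online and adjusting the configuration, I ended up with the version below, which works without problems for basic use.
    Partial configuration example: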

    location /xxx-web {
        # CORS response headers
        add_header 'Access-Control-Allow-Origin' $http_origin;
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
        add_header 'Access-Control-Allow-Headers' 'DNT,web-token,app-token,Authorization,Accept,Origin,Keep-Alive,User-Agent,X-Mx-ReqToken,X-Data-Type,X-Auth-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
        # Answer the preflight request directly
        if ($request_method = 'OPTIONS') {
            add_header 'Access-Control-Max-Age' 1728000;
            add_header 'Content-Type' 'text/plain; charset=utf-8';
            add_header 'Content-Length' 0;
            return 204;
        }
        root html;
        index index.html index.htm;
        # Forward everything else to the back end
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_connect_timeout 5;
    }

    The CORS-related configuration is mainly this part:

    add_header 'Access-Control-Allow-Origin' $http_origin;
    add_header 'Access-Control-Allow-Credentials' 'true';
    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
    add_header 'Access-Control-Allow-Headers' 'DNT,web-token,app-token,Authorization,Accept,Origin,Keep-Alive,User-Agent,X-Mx-ReqToken,X-Data-Type,X-Auth-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
    add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
    if ($request_method = 'OPTIONS') {
        add_header 'Access-Control-Max-Age' 1728000;
        add_header 'Content-Type' 'text/plain; charset=utf-8';
        add_header 'Content-Length' 0;
        return 204;
    }

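    Here is a brief explanation of each part, to help you get the configuration working.
    1. Access-Control-Allow-Origin: the variable $http_origin is used here to take the origin of the current request. Using "*" to allow all origins did not actually work in practice; the reason is unknown.
    2. Access-Control-Allow-Credentials: when set to true, requests may carry cookies. Configure it according to your own situation.
    3. Access-Control-Allow-Methods: OPTIONS must be included. Beyond that it is usually just GET and POST; add any other methods you use.
    4. Access-Control-Allow-Headers: take care with this one. It must include your custom HTTP header fields (that is, if the front end adds custom fields to the HTTP headers when calling the API, those fields must be listed here). As you can see above, the value is fairly long and includes "web-token" and "app-token".
    5. Access-Control-Expose-Headers: optional. Roughly speaking, by default only 6 basic fields of the response headers can be read; to read any others, they must be listed here first.
    6. The statement "if ($request_method = 'OPTIONS') {": when deciding whether a cross-origin request is allowed, the browser first sends an OPTIONS request to the back end and decides based on the result, so this request is checked for separately and answered directly.
    The configuration above works in basically all cases. Below is a real configuration for reference, with minor changes: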

    server {
        listen 80;
        server_name xxx.com;

        # API path, proxied to the service on port 7071
        location /xxx-web/papi {
            add_header 'Access-Control-Allow-Origin' $http_origin;
            add_header 'Access-Control-Allow-Credentials' 'true';
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
            add_header 'Access-Control-Allow-Headers' 'DNT,web-token,app-token,Authorization,Accept,Origin,Keep-Alive,User-Agent,X-Mx-ReqToken,X-Data-Type,X-Auth-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
            add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
            if ($request_method = 'OPTIONS') {
                add_header 'Access-Control-Max-Age' 1728000;
                add_header 'Content-Type' 'text/plain; charset=utf-8';
                add_header 'Content-Length' 0;
                return 204;
            }
            root html;
            index index.html index.htm;
            proxy_pass http://127.0.0.1:7071;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_connect_timeout 5;
        }

        # Remaining /xxx-web paths, proxied to the service on port 8080
        location /xxx-web {
            add_header 'Access-Control-Allow-Origin' $http_origin;
            add_header 'Access-Control-Allow-Credentials' 'true';
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
            add_header 'Access-Control-Allow-Headers' 'DNT,web-token,app-token,Authorization,Accept,Origin,Keep-Alive,User-Agent,X-Mx-ReqToken,X-Data-Type,X-Auth-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
            add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
            if ($request_method = 'OPTIONS') {
                add_header 'Access-Control-Max-Age' 1728000;
                add_header 'Content-Type' 'text/plain; charset=utf-8';
                add_header 'Content-Length' 0;
                return 204;
            }
            root html;
            index index.html index.htm;
            proxy_pass http://127.0.0.1:8080;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_connect_timeout 5;
        }

        # Static files
        location / {
            root /var/www/xxx/wechat/webroot;
            index index.html index.htm;
        }

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
            root html;
        }
    }
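
An added example, not part of the original post: echoing $http_origin together with Access-Control-Allow-Credentials: true tells the browser that any site may send credentialed requests and read the responses, so this variant echoes the origin only when it is on an allowlist. The origins https://app.example.com and https://admin.example.com and the shortened Allow-Headers list are assumptions for illustration; the location and upstream are taken from the post.

```nginx
# http{} context: map the request's Origin header to the value to echo back.
# Origins not listed map to "", and add_header emits nothing for an empty value.
map $http_origin $cors_origin {
    default                      "";
    "https://app.example.com"    $http_origin;   # assumed trusted front end
    "https://admin.example.com"  $http_origin;   # assumed trusted front end
}
# Send Allow-Credentials only together with an allowed origin.
map $cors_origin $cors_credentials {
    default  "true";
    ""       "";
}

server {
    listen 80;
    server_name xxx.com;

    location /xxx-web {
        # Preflight: add_header is inherited from the enclosing level only when
        # the current level defines none, so the if block carries its own copy
        # of the CORS headers.
        if ($request_method = 'OPTIONS') {
            add_header 'Access-Control-Allow-Origin' $cors_origin;
            add_header 'Access-Control-Allow-Credentials' $cors_credentials;
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
            add_header 'Access-Control-Allow-Headers' 'web-token,app-token,Authorization,Content-Type,X-Requested-With';
            add_header 'Access-Control-Max-Age' 1728000;
            add_header 'Vary' 'Origin';
            return 204;
        }
        # Actual requests: "always" also covers 4xx/5xx responses.
        add_header 'Access-Control-Allow-Origin' $cors_origin always;
        add_header 'Access-Control-Allow-Credentials' $cors_credentials always;
        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
        add_header 'Vary' 'Origin' always;   # response differs per Origin; keeps caches from mixing them

        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_connect_timeout 5;
    }
}
```

To check the result, send an OPTIONS request with an Origin header that is not on the list and confirm that the response carries no Access-Control-Allow-Origin or Access-Control-Allow-Credentials header.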