nginx解決跨域
Nginx 解決API跨域問題
利用Nginx能夠最簡單且高效解決跨域問題。html
跨域是先後端分離開發中很是常見的問題。這個問題網上已經有很是多的答案,但大部分是編程框架裏面添加CORS頭。但不管用什麼Web框架,現已很難離開Nginx。所以直接在Nginx中處理跨域問題有得天獨厚的優點,能夠將OPTIONS請求攔截在API服務以前,節約服務器開銷。nginx
簡單說,跨域分爲簡單跨域和複雜跨域。編程
簡單跨域不會發送OPTIONS請求。後端
複雜跨域會發送一個預檢查OPTIONS請求。跨域
複雜跨域的條件是:瀏覽器
- 非GET、HEAD、POST請求。
- POST請求的
Content-Type不是application/x-www-form-urlencoded,multipart/form-data, 或text/plain。 - 添加了自定義header,例如
Token。
跨域請求瀏覽器會在Headers中添加Origin,一般狀況下不容許用戶修改其值。bash
配置示例
server { listen 80; server_name _; charset utf-8; location / { if ($http_origin ~ '^http(s)?://(localhost|www\.你的域名\.com)$') { add_header 'Access-Control-Allow-Origin' "$http_origin" always; add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always; add_header 'Access-Control-Allow-Headers' 'Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Requested-With, Token, x-access-token' always; } if ($request_method = 'OPTIONS') { add_header 'Access-Control-Allow-Origin' "$http_origin" always; add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always; add_header 'Access-Control-Allow-Headers' 'Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Requested-With, Token, x-access-token' always; # Tell client that this pre-flight info is valid for 20 days add_header 'Access-Control-Max-Age' 1728000; add_header 'Content-Type' 'text/plain charset=utf-8'; add_header 'Content-Length' 0; return 204; } proxy_http_version 1.1; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_set_header X-NginX-Proxy true; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_pass http://127.0.0.1:8080; proxy_redirect off; } }
CRUL跨域測試
GET請求成功返回跨域頭:服務器
➜ ~ curl -I -H "Origin: http://localhost" http://localhost HTTP/1.1 403 Forbidden Server: nginx/1.15.6 Date: Wed, 14 Nov 2018 07:56:01 GMT Content-Type: text/html; charset=utf-8 Content-Length: 153 Connection: keep-alive Access-Control-Allow-Origin: http://localhost Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Requested-With, Token, x-access-token
OPTIONS預檢請求成功返回跨域頭:app
➜ ~ curl -I -H "Origin: http://localhost" -X OPTIONS http://localhost HTTP/1.1 204 No Content Server: nginx/1.15.6 Date: Wed, 14 Nov 2018 08:19:36 GMT Connection: keep-alive Access-Control-Allow-Origin: http://localhost Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS Access-Control-Allow-Headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Requested-With, Token, x-access-token Access-Control-Max-Age: 1728000 Content-Type: text/plain charset=utf-8 Content-Length: 0
相關文章
- 1. nginx解決跨域
- 2. nginx解決跨域問題
- 3. nginx跨域問題解決
- 4. 解決nginx跨域問題
- 5. Nginx解決CORS跨域解決方案
- 6. 跨域----cors解決跨域
- 7. CORS解決跨域問題(Nginx跨域配置)
- 8. 跨域解決方案之nginx
- 9. nginx解決瀏覽器跨域問題
- 10. nginx 解決圖片跨域問題
- 更多相關文章...
- • SVN 解決衝突 - SVN 教程
- • Docker 安裝 Nginx - Docker教程
- • PHP Ajax 跨域問題最佳解決方案
- • Scala 中文亂碼解決
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
歡迎關注本站公眾號,獲取更多信息
相關文章
- 1. nginx解決跨域
- 2. nginx解決跨域問題
- 3. nginx跨域問題解決
- 4. 解決nginx跨域問題
- 5. Nginx解決CORS跨域解決方案
- 6. 跨域----cors解決跨域
- 7. CORS解決跨域問題(Nginx跨域配置)
- 8. 跨域解決方案之nginx
- 9. nginx解決瀏覽器跨域問題
- 10. nginx 解決圖片跨域問題