http { ...... add_header Access-Control-Allow-Origin *; add_header Access-Control-Allow-Headers X-Requested-With; add_header Access-Control-Allow-Methods GET,POST,OPTIONS; ...... } 或者 http { if ($http_origin ~ https://xxx.com) { add_header 'Access-Control-Allow-Origin' "$http_origin"; add_header 'Access-Control-Allow-Credentials' "true"; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; } .... } 这样就可以实现GET,POST,OPTIONS的跨域请求的支持 也可以 add_header Access-Control-Allow-Origin http://xxx.com; --指定允许的url;
配置项详细解释:w3c-Cross-Origin Resource Sharing
