1.Nginx通过CORS实现跨域
add_header 'Access-Control-Allow-Origin' 'https://wlt-client.tourismshow.cn' always;
Access-Control-Allow-Credentials: true always;
https://mp.weixin.qq.com/s?__biz=MzI3MTI2NzkxMA==&mid=2247484408&idx=1&sn=5c64dd43ff2060e1c4a22d93e4e887c9&chksm=eac522d1ddb2abc7b576878a2e85204f988a38f9294158a139a51c2df540e40a8c6bef112c8e&mpshare=1&scene=1&srcid=0527Z34YTJ9oL6xCZUtNrE6w&sharer_sharetime=1590565036008&sharer_shareid=9740bba782c9689ef96565edaf6756f2&rd2werd=1#wechat_redirect
https://www.jianshu.com/p/c03d33663cfc
参考:https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Access_control_CORS
2. 当A、B两个网站属于不同域时,来自于A网站页面中的JavaScript代码访问B网站时,浏览器会拒绝该访问。
设置跨域资源共享 https://help.aliyun.com/document_detail/31870.html?spm=5176.8466060.help.dexternal.7ebf1450QHlyCF
设置跨域资源共享 - 对象存储 OSS - 阿里云 (aliyun.com)
3. 阿里云跨域设置
*
GET
POST
PUT
DELETE
HEAD
*
ETag
x-oss-request-id
3600
4. nginx跨域设置
server {
listen 8099;
location / {
set $origin_flag true;
if ($request_method = 'OPTIONS') {
set $origin_flag false;
}
if ($request_method = 'GET') {
set $origin_flag false;
}
if ($origin_flag = true) {
add_header Access-Control-Allow-Origin *;
}
add_header Access-Control-Allow-Headers "content-md5,token,x-oss-security-token,x-oss-date,x-oss-user-agent,$http_access_control_allow_headers";
#不能使用upstream的方式,如使用后,直接方式URL后会报no such bucket
#这是因为模拟器会把upstream的名称解析为bucketname。
proxy_pass http://127.0.0.1:8999;
}
}
配置跨域:nginx add_header not working - Stack Overflow
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
add_header PS 1
location ~^/api/teapi/dy-biz/ {
# IDE云化 start OPTIONS请求
if ( $request_method = 'OPTIONS' ) {
return 204;
}
# IDE云化 start OPTIONS请求
set $jwtok "error";
set $ss_tenant_code '';
set $ss_account_code '';
access_by_lua_file '/usr/local/openresty/nginx/scripts/apaas_jwtdecode_withoutcheck.lua';
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Request-Url $request_uri;
# IDE 云化 start Access-Control-Allow-Origin
if ( $upstream_http_Access-Control-Allow-Origin = '' ){
more_set_headers "Access-Control-Allow-Origin *";
}
# IDE 云化 end Access-Control-Allow-Origin
add_header Access-Control-Allow-Headers "token,debug,update,username,req_id,dynamicid,idecode,$http_access_control_allow_headers";
proxy_pass http://bizserv;
rewrite ^/api/teapi/dy-biz/(.+)/(.+) /biz/run?mocode=$1&lgcode=$2 break;
}
用一个例子来演示会更加清晰