Ajax NGINX CORS问题
有一个使用nginx1.16的服务器,用于通过AJAX上传文件 以下是NGINX文件的配置设置Ajax NGINX CORS问题,ajax,nginx,cors,Ajax,Nginx,Cors,有一个使用nginx1.16的服务器,用于通过AJAX上传文件 以下是NGINX文件的配置设置 location ~ \.php$ { include snippets/fastcgi-php.conf; # # With php-fpm (or other unix sockets): fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; # With php-cgi (or other tcp sockets): #fastcgi_pass 127.
location ~ \.php$ {
include snippets/fastcgi-php.conf;
#
# With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
# With php-cgi (or other tcp sockets):
#fastcgi_pass 127.0.0.1:9000;
if ($request_method = "OPTIONS") {
add_header Access-Control-Allow-Origin 'http://myserver.com';
add_header Access-Control-Allow-Credentials false;
add_header Access-Control-Allow-Methods 'DELETE,GET,OPTIONS,POST,PUT';
add_header Access-Control-Allow-Headers 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Token-Auth,X-Mx-ReqToken,X-Requested-With';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
add_header Access-Control-Allow-Origin 'http://myserver.com';
add_header Access-Control-Allow-Credentials true;
add_header Access-Control-Allow-Methods 'DELETE,GET,OPTIONS,POST,PUT';
add_header Access-Control-Allow-Headers 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Token-Auth,X-Mx-ReqToken,X-Requested-With';
}
这是旋度的测试结果
当您尝试上载文件时,控制台中将显示CORS错误
当服务器上打开СORS时,可能有人遇到类似的行为,但还是会弹出一个错误
UPD:还注意到浏览器中不显示标题。假设这就是原因,那么如何“强制”服务器提供头呢
添加标题访问控制允许源“”;你的设置是错误的
location / {
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
#
# Custom headers and headers various browsers *should* be OK with but aren't
#
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
#
# Tell client that this pre-flight info is valid for 20 days
#
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain; charset=utf-8';
add_header 'Content-Length' 0;
return 204;
}
if ($request_method = 'POST') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
}
if ($request_method = 'GET') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
}
}
响应的HTTP状态代码是什么?您可以使用浏览器devtools中的网络窗格进行检查。这是4xx还是5xx错误,而不是200 OK成功响应?代码不会发出,以红色书写“(失败)”尝试禁用所有扩展,和/或在匿名窗口中尝试。然后尝试清除该站点的Cookie和浏览器缓存。并禁用您安装的任何防病毒软件。然后从不同的浏览器、不同的机器和不同的网络进行尝试。关键是要消除其他正在运行的软件或您的计算机可能干扰请求的可能性,并消除某些防火墙设置干扰请求的可能性,等等@sideshowbarker,我们已经多次这样做了-结果为零。最有趣的是,服务器没有给浏览器提供头。我们尝试了这个配置选项,但没有解决问题。您是否在php控制器端添加了头,尝试使用哪个api?在服务器端试试这个。这是工作环境。它应该会起作用,但也许这将是我们将使用的最后一个选项。这个问题必须设法解决,而不是绕开它。)也许这会对你有所帮助。