Ajax Nginx-PHP-API-CORS
我正在用VueJS开发SPA,它应该在远程域上使用PHPAPI/Nginx进行操作。当然我也遇到过CORS的问题 以下是最近的Nginx配置文件:Ajax Nginx-PHP-API-CORS,ajax,nginx,cors,Ajax,Nginx,Cors,我正在用VueJS开发SPA,它应该在远程域上使用PHPAPI/Nginx进行操作。当然我也遇到过CORS的问题 以下是最近的Nginx配置文件: location / { add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'A
location / {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE, HEAD';
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,some_my_tokens';
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Max-Age' '1728000';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Headers' 'Origin,Content-Type,Accept,Authorization,some_my_tokens';
add_header 'Content-Type' 'text/plain; charset=UTF-8';
add_header 'Content-Length' '0';
return 204;
}
try_files $uri $uri/ /index.php?$args;
}
我仍然收到错误“请求的资源上不存在“Access Control Allow Origin”头。因此不允许对源“”进行访问。”
请提供帮助。在index.php中添加以下代码
if (isset($_SERVER['HTTP_ORIGIN'])) {
header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Max-Age: 86400'); // cache for 1 day
}
// Access-Control headers are received during OPTIONS requests
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'])) {
header("Access-Control-Allow-Methods: GET, POST, OPTIONS");
}
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) {
header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
}
exit(0);
}
在index.php中添加以下代码
if (isset($_SERVER['HTTP_ORIGIN'])) {
header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Max-Age: 86400'); // cache for 1 day
}
// Access-Control headers are received during OPTIONS requests
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'])) {
header("Access-Control-Allow-Methods: GET, POST, OPTIONS");
}
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) {
header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
}
exit(0);
}
它之所以说请求的资源上不存在“Access Control Allow Origin”(访问控制允许来源)头,是因为 等等 请求的资源上不存在“Access Control Allow Origin”标头 您的位置块中有此指令:
add_header 'Access-Control-Allow-Origin' '*';
但是对于OPTIONS
请求,您有一个if
条件,在该级别内,您没有访问控制Allow Origin头
从
可能有几个add_头指令。这些指令是
从上一级别继承的当且仅当没有
添加在当前级别上定义的\u头指令
因此,您的
选项
飞行前将缺少标题。它说请求的资源上不存在“访问控制允许原始”标题的原因是
等等
请求的资源上不存在“Access Control Allow Origin”标头
您的位置块中有此指令:
add_header 'Access-Control-Allow-Origin' '*';
但是对于OPTIONS
请求,您有一个if
条件,在该级别内,您没有访问控制Allow Origin头
从
可能有几个add_头指令。这些指令是
从上一级别继承的当且仅当没有
添加在当前级别上定义的\u头指令
因此,您的
选项
飞行前将缺少标题。我建议在nginx.conf上使用更多设置标题
,而不是添加标题
,例如:
location / {
more_set_headers 'Access-Control-Allow-Origin' '*';
more_set_headers 'Access-Control-Allow-Credentials' 'true';
more_set_headers 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE, HEAD';
more_set_headers 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,some_my_tokens';
if ($request_method = 'OPTIONS') {
more_set_headers 'Access-Control-Max-Age' '1728000';
more_set_headers 'Access-Control-Allow-Credentials' 'true';
more_set_headers 'Access-Control-Allow-Headers' 'Origin,Content-Type,Accept,Authorization,some_my_tokens';
more_set_headers 'Content-Type' 'text/plain; charset=UTF-8';
more_set_headers 'Content-Length' '0';
return 204;
}
try_files $uri $uri/ /index.php?$args;
}
more_set_headers指令是模块的一部分,包含在nginx的中,您可以通过以下操作将其安装到ubuntu 16上:
sudo apt get安装nginx extras
我建议在nginx.conf上使用
more\u set\u headers
,而不是add\u header
,例如:
location / {
more_set_headers 'Access-Control-Allow-Origin' '*';
more_set_headers 'Access-Control-Allow-Credentials' 'true';
more_set_headers 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE, HEAD';
more_set_headers 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,some_my_tokens';
if ($request_method = 'OPTIONS') {
more_set_headers 'Access-Control-Max-Age' '1728000';
more_set_headers 'Access-Control-Allow-Credentials' 'true';
more_set_headers 'Access-Control-Allow-Headers' 'Origin,Content-Type,Accept,Authorization,some_my_tokens';
more_set_headers 'Content-Type' 'text/plain; charset=UTF-8';
more_set_headers 'Content-Length' '0';
return 204;
}
try_files $uri $uri/ /index.php?$args;
}
more_set_headers指令是模块的一部分,包含在nginx的中,您可以通过以下操作将其安装到ubuntu 16上:
sudo apt get安装nginx extras
PHP黑客确实有用。有没有办法只用nginx config来解决这个问题?@dayan,你可以通过nginx.conf来解决这个问题,看看我的回答PHP黑客是否有效。只有nginx config可以解决吗?@dayan,你可以通过nginx.conf来解决,看看我的答案