Fatal编程技术网
  • docker/
  • Docker Nginx CORS政策问题

Docker Nginx CORS政策问题

docker nginx cors

Docker Nginx CORS政策问题,docker,nginx,cors,Docker,Nginx,Cors,我正在尝试在我的Nginx容器上设置CORS策略 我已将其设置为我的Nginx设置: server { listen 80; listen [::]:80; server_name example.com www.example.com; location / { rewrite ^ https://$host$request_uri? permanent; } location ~ /.well-known/acme

我正在尝试在我的Nginx容器上设置CORS策略

我已将其设置为我的Nginx设置:

server {
    listen      80;
    listen [::]:80;
    server_name example.com www.example.com;

    location / {
        rewrite ^ https://$host$request_uri? permanent;
    }

    location ~ /.well-known/acme-challenge {
        allow all;
        root /data/letsencrypt;
    }

    location ~* \.(?:gif|jpe?g|png|jpg)$ {
        rewrite ^ https://$host$request_uri? permanent;
    }
}

server {
    listen        80;
    server_name   api.example.com;
    location / {
        rewrite ^ https://$host$request_uri? permanent;
    }

    location ~ /.well-known/acme-challenge {
        allow all;
        root /data/letsencrypt;
    }
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name example.com;
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_buffer_size 8k;
    ssl_dhparam /etc/ssl/certs/dhparam-2048.pem;
    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
    ssl_ecdh_curve secp384r1;
    ssl_session_tickets off;
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 8.8.8.8;
    return 301 https://www.example.com$request_uri;
}

server {
    server_name www.example.com;
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
    ssl on;
    ssl_buffer_size 8k;
    ssl_dhparam /etc/ssl/certs/dhparam-2048.pem;
    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
    ssl_ecdh_curve secp384r1;
    ssl_session_tickets off;
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 8.8.8.8 8.8.4.4;
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    location / {
        proxy_bind 127.0.0.1;
        proxy_pass http://localhost:11700;
    }
    location ~* \.(?:gif|jpe?g|png|jpg)$ {
        root /some/dir;
    }
}

server {
    server_name api.example.com;
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
    ssl on;
    ssl_buffer_size 8k;
    ssl_dhparam /etc/ssl/certs/dhparam-2048.pem;
    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
    ssl_ecdh_curve secp384r1;
    ssl_session_tickets off;
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 8.8.8.8 8.8.4.4;
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    location / {
        proxy_bind 127.0.0.1;
        proxy_pass http://localhost:11900;
    }
}

server {
    listen        11700;
    server_name   localhost;
    index index.html index.htm;
    charset utf-8;
    root /some/other/dir;
    client_max_body_size 100M;
    fastcgi_read_timeout 1800;
    location / {
        try_files $uri $uri/ @rewrites;
    }
    location @rewrites {
        rewrite ^(.+)$ /index.html last;
    }
    location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
        expires max;
        add_header Pragma public;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
    }
}
server {
    listen        11900;
    server_name   localhost;
    root /some/another/di/r;
    index index.php index.html index.htm;
    charset utf-8;
    client_max_body_size 100M;
    fastcgi_read_timeout 1800;
    location / {
        rewrite ^(/.*)$ /api$1 break;
        proxy_pass http://127.0.0.1;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_redirect    off;
        try_files $uri $uri/ /index.php?_url=$uri&$args;
    }
    location ~ [^/]\.php(/|$) {
        fastcgi_pass  php-fpm:9000;
        fastcgi_index /index.php;
        include fastcgi_params;
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        if (!-f $document_root$fastcgi_script_name) {
            return 404;
        }
        fastcgi_param PATH_INFO       $fastcgi_path_info;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;
        include fastcgi_params;
    }
    location ~ /\.ht {
        deny all;
    }
}
当我尝试启动测试时,我得到XMLHttpRequest错误:

访问位于的XMLHttpRequest "来源" “”已被CORS策略阻止:响应 飞行前请求未通过访问控制检查:否 “Access Control Allow Origin”标头出现在请求的服务器上 资源

可能是什么?

您需要允许从api的域
api.example.com
上的
www.example.com
进行访问,因此在api.example.com的虚拟主机中,在
服务器名称
下或在其他
添加头
指令下添加以下行:

add_header 'Access-Control-Allow-Origin www.example.com';
有关CORS的更多信息,您可以查看以下内容:

应该放在哪条线上?我查看了此文档,但没有得到任何结果。请指出应该在哪里查看。为了确保您是否通过www.example.com访问api?