在Kubernetes上重写CORS会导致连接错误
我正在尝试一个测试,在该测试中,我为所有域启用CORS(在用例正常工作后将受到限制) 据我所知,我应该将在Kubernetes上重写CORS会导致连接错误,kubernetes,Kubernetes,我正在尝试一个测试,在该测试中,我为所有域启用CORS(在用例正常工作后将受到限制) 据我所知,我应该将--cors-allowed-origins=[“http://*”]添加到我的kube-apiserver.manifest 然而,当我尝试这样做时: spec: containers: - command: - /bin/sh - -c - /usr/local/bin/kube-apiserver --address=127.0.0.1 --admissi
--cors-allowed-origins=[“http://*”]kube-apiserver.manifestspec:
containers:
- command:
- /bin/sh
- -c
- /usr/local/bin/kube-apiserver --address=127.0.0.1 --admission-control=Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,Priority,ResourceQuota
--allow-privileged=true --anonymous-auth=false --apiserver-count=1 --authorization-mode=AlwaysAllow
--basic-auth-file=/srv/kubernetes/basic_auth.csv --client-ca-file=/srv/kubernetes/ca.crt
--cloud-provider=aws --etcd-servers-overrides=/events#http://127.0.0.1:4002
--etcd-servers=http://127.0.0.1:4001 --insecure-port=8080 --kubelet-preferred-address-types=InternalIP,Hostname,ExternalIP
--proxy-client-cert-file=/srv/kubernetes/apiserver-aggregator.cert --proxy-client-key-file=/srv/kubernetes/apiserver-aggregator.key
--requestheader-allowed-names=aggregator --requestheader-client-ca-file=/srv/kubernetes/apiserver-aggregator-ca.cert
--requestheader-extra-headers-prefix=X-Remote-Extra- --requestheader-group-headers=X-Remote-Group
--requestheader-username-headers=X-Remote-User --secure-port=443 --service-cluster-ip-range=100.64.0.0/13
--storage-backend=etcd2 --tls-cert-file=/srv/kubernetes/server.cert --tls-private-key-file=/srv/kubernetes/server.key
--token-auth-file=/srv/kubernetes/known_tokens.csv --v=2 2>&1 | /bin/tee -a
--cors-allowed-origins=["https://*"]
The connection to the server 127.0.0.1 was refused - did you specify the right host or port?
- kube-apiserver
--cors-allowed-origins=["https://*"]
[Error] Origin http://localhost:8080 is not allowed by Access-Control-Allow-Origin.
[Error] XMLHttpRequest cannot load https://example.com/auth/realms/name/protocol/openid-connect/token due to access control checks.
[Error] Failed to load resource: Origin http://localhost:8080 is not allowed by Access-Control-Allow-Origin. (token, line 0)
[Error] Preflight response is not successful
[Error] XMLHttpRequest cannot load https://example.com/api/v1/users/me/profile? due to access control checks.
看起来您正在尝试使用http协议访问api服务器,请尝试:
--cors-allowed-origins=["http://*"]
看起来您正在尝试使用http协议访问api服务器,请尝试:
--cors-allowed-origins=["http://*"]
--cors-allowed-origins=example.com,example2.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With, If-Modified-Since
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
Access-Control-Allow-Origin: http://example.com
--cors-allowed-origins=example.com,example2.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With, If-Modified-Since
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
Access-Control-Allow-Origin: http://example.com
希望有帮助。我在http和httpsI中遇到CORS问题在http和httpsSo中遇到CORS问题你是说你觉得我的kubernetes设置是正确的?我不确定,因为缺少有关你的应用程序部署的信息,但似乎你应该设置你的服务器端应用程序来获得想要的效果。我想我只是不明白Kubernetes是如何进行访问控制的。我以为API的访问控制就是在这里配置的。现在我很困惑<代码>CORS或跨源资源共享由几个HTTP响应头组成,用于让web浏览器知道是否可以将数据发布到特定端点。在我的示例中,请求是针对Kubernetes API发出的。在您的情况下,您可能正在使用不同的端点。F.E.对于nginx confgi,您可能应该使用
add_header'Access Control Allow Origin'*.add_header'Access Control Allow Origin'*.