dougu1990
dougu1990
2018-07-09 06:41
浏览 144
已采纳

在Nginx Swoole代理上CORS的配置是什么?

This has been frustrating me to no end. I've been getting that classic line:

No 'Access-Control-Allow-Origin' header is present on the requested resource.

I'm running the latest stable Nginx on Ubuntu 16.04, with a Swoole server configured to handle the Laravel PHP requests in PHP 7.2. As far as I know it's all working.

The Laravel api is on one subdomain, and the frontend is an angular on another subdomain. Up till now everything's worked, so I've been trying to configure CORS on the backend site.

Despite having it configured, it's not recognising that exists. Yes I restart nginx every time I update the config. Caching at the moment is off for dev purposes. Nginx config shortened below:

map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}
server {
        listen 80;
        listen [::]:80;
        root /var/www/sub.example.com/;

        index index.php;

        server_name sub.example.com www.sub.example.com;
        [redirect 301 part]

        [php location]

}
## https://example.com redirects to https://www.example.com
server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
        server_name www.sub.example.com;

        [SSL certs]


        [redirect 301 to sub.example.com]
}

## Serves https://sub.example.com
server {
        server_name lhb.luminuxlab.com;
        listen 443 ssl http2 ;
        listen [::]:443 ssl http2;

        [SSL certs]

        root /var/www/sub.example.com;
        index index.php;

        location / {

                try_files $uri $uri/ /index.php?@swoole;
        }


        [php stuff]


        location @swoole {
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow_Credentials' 'true';
        add_header 'Access-Control-Allow-Headers' 'Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Ra$
        add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE,PATCH';
        proxy_set_header Host $http_host;
        proxy_set_header Scheme $scheme;
        proxy_set_header SERVER_PORT $server_port;
        proxy_set_header REMOTE_ADDR $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;

        # IF https
        proxy_set_header HTTPS "on";

        proxy_pass http://127.0.0.1:1215$query_string;
    }
}

I've tried shifting the headers to a bunch of different places but I've had no luck getting a change in response, ping the server with curl

curl -H "Access-Control-Request-Method: GET" -H "Origin: http://front.example.com" --head http://back.example.com/

Gives no useful information and the CORS headers don't seem to be included. I've tried different variations and configurations of the CORS header commands and no response.

Anybody got an idea of what might be going wrong?

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • doudong8713
    doudong8713 2018-07-10 02:42
    已采纳

    Ok problem solved. After more experimentation I found that the correct location for the access control headers was in the final https redirect before the proxy redirect to swoole. Like so:

    ## Serves https://sub.example.com
    server {
            server_name sub.example.com;
            listen 443 ssl http2 ;
            listen [::]:443 ssl http2;
    
            [ssl stuff]
    
    
            add_header 'Access-Control-Allow-Origin' 'https://front.example.com';
            add_header 'Access-Control-Allow_Credentials' 'true';
            add_header 'Access-Control-Allow-Headers' 'Authorization,Accept,Origin,DNT,Content-Type,Content-Range,Range';
            add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS';
    
            root /var/www/sub.example.com/;
            ....
    
           location @swoole {
            ....
    
            proxy_pass http://127.0.0.1:1215$query_string;
        }
    }
    

    Hope this helps people in the future.

    点赞 评论

相关推荐