/usr/local/nginx/conf/nginx.conf
# 代理接口
location ^~ /api/ {
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Headers Origin,X-Requested-Width,Content-Type,Accept;
proxy_set_header referer "http://shanghaimon.aegis-info.com";
proxy_set_header host "shanghaimon.aegis-info.com";
proxy_pass http://shanghaimon.aegis-info.com/api/;
}
location ^~ /qyapi/ {
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Headers Origin,X-Requested-Width,Content-Type,Accept;
proxy_set_header referer "https://qyapi.weixin.qq.com";
proxy_set_header host "qyapi.weixin.qq.com";
proxy_pass https://qyapi.weixin.qq.com/;
}
然后刷新配置
/usr/local/nginx/sbin/nginx -s reload
疑难杂症
如果遇到
'Access-Control-Allow-Origin' header contains multiple values '*, *', but only one is allowed等等错误
contains multiple values "*" 意思就是设置了2次跨域,但是只有一个是允许的。
改动办法又很多,比如服务器直接允许option请求,服务器就直接可以被跨域访问了
或者移除其中的任意一个就好了。如果服务器代码设置了允许跨域,使用Nginx代理里面就不需要了,或者移除服务器中的允许跨域
location ^~ /country/ {
if ($request_method = 'OPTIONS') {
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Methods GET,POST,PUT,DELETE,PATCH,OPTIONS;
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
return 200;
}
proxy_set_header referer "http://114.116.25.112:18116";
proxy_set_header host "http://114.116.25.112";
proxy_pass http://114.116.25.112:18116/;
}
如果遇到
Access to XMLHttpRequest at 'https://xxxx' from origin 'http://localhost' has been blocked by CORS policy: Request header field token is not allowed by Access-Control-Allow-Headers in preflight response.
类似于这样的错,意思是不允许自定义header头部信息(比如如上的 加了个token)
nginx放开即可
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Access-Control-Expose-Headers, Authorization,token';
当然如果你的跨域是程序代码里做的,你也可以在java代码中添加
response.addHeader("Access-Control-Expose-Headers", 'token');