server {
# nginx 本身端口 不变
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
add_header Access-Control-Allow-Origin *;
# 允许的请求头
add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Custom-Header,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Access-Control-Expose-Headers, Token, Authorization, yesky-referer,ppt-token';
add_header Access-Control-Allow-Methods GET,POST,OPTIONS,PUT;
if ($request_method = 'OPTIONS') {
return 204;
}
location / {
proxy_pass http://localhost:8080/;
}
}
bug:
1.允许的请求头不包含在上面
Access to XMLHttpRequest at ‘http://bbsbbs.jiangeshen.com/brosite/wxPay.jhtml’ from origin ‘null’ has been blocked by CORS policy: Request header field browser-token is not allowed by Access-Control-Allow-Headers in preflight response.
2.跨域问题
服务器未返回Origin
文章评论