使用上游时 Nginx cors 问题

使用上游时 Nginx cors 问题

我对此感到非常沮丧,因为我似乎无法弄清楚为什么会发生这种情况。

我有一个运行良好的 Django Web 应用。当我尝试更改 worker_connections 时,我开始遇到 CORS 问题。我恢复了该数字,但仍然遇到 CORS 问题。

我的 nginx 配置如下所示

upstream backend {
    #ip_hash;
    #server 38.106.79.195;
    server unix:/home/www/api.to/app.sock;
}

server {
    server_name api.pdf.to;

    client_max_body_size 10000m;
    gzip_disable "msie6";
    access_log off;
    error_log on;
    gzip_vary on;
    gzip on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_buffers 16 8k;
    gzip_http_version 1.1;
    gzip_min_length 256;
    gzip_types application/javascript application/font-ttf ttf text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon;

    location /word/report.html {
       alias /var/log/nginx/report.html;
    }

    location / {
          add_header 'Access-Control-Allow-Origin' '*'  always;
          add_header 'Access-Control-Max-Age' '3600'  always;
          add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
          add_header 'Access-Control-Allow-Headers' '*' always;

          if ($request_method = OPTIONS ) {
              return 200;
          }


        proxy_pass http://backend;
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Scheme $scheme;
        proxy_set_header REMOTE_ADDR $remote_addr;
        proxy_read_timeout 1000; # this
    }


    location /static/downloads {
        alias /home/www/api.to/static/downloads/;
   add_header Content-disposition "attachment; filename=$1";
   default_type application/octet-stream;
  }





    location /static/ {
        alias /home/www/api.to/static/;
        expires 35d;
        add_header Pragma public;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
        access_log off;
    }


    location /static/downloads {
        alias /home/www/api.to/static/downloads/;
   add_header Content-disposition "attachment; filename=$1";
   default_type application/octet-stream;
  }





    location /static/ {
        alias /home/www/api.to/static/;
        expires 35d;
        add_header Pragma public;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
        access_log off;
    }


    listen 443 ssl http2; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/api.pdf.to-0001/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/api.pdf.to-0001/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}

我在 Django 应用程序中禁用了 CORS,它工作正常,但重新加载后它不起作用。我不得不将以下内容添加到我的 nginx

          add_header 'Access-Control-Allow-Origin' '*'  always;
          add_header 'Access-Control-Max-Age' '3600'  always;
          add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
          add_header 'Access-Control-Allow-Headers' '*' always;

          if ($request_method = OPTIONS ) {
              return 200;
          }

这样,当我将它发送到本地框时它就可以工作,但如果我将它发送到上游框(具有相同的 nginx 配置),它会给我一个 404 或 CORS 错误。

答案1

在进一步研究该问题之后,我发布了这个问题,后来的答案也解决了这个问题。 https://superuser.com/a/1769407/535078

相关内容