考虑这个最小的 nginx 服务器配置
server: {
listen 80;
server_name myserver;
location / {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
if ($request_method = 'OPTIONS') {
# Tell client that this pre-flight info is valid for 20 days
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
return 200 my-content;
}
}
以及相应的 curl 调用
# this one works as expected
$ curl -v http://myserver
# ...
HTTP/1.1 200 OK
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS
# ...
和
# this one is missing the Access-Control-Allow-* Headers
$ curl -v -X OPTIONS http://myserver
# ...
HTTP/1.1 204 No content
Server: nginx
Access-Control-Max-Age: 1728000
Content-Type: text/plain charset=UTF-8
Content-Length 0
所以选项请求缺少访问控制允许来源和访问控制允许方法标头,同时它们已针对 GET 请求正确设置。添加总是参数添加标题指令也不起作用。
我在 Ubuntu 16.04 上使用 nginx v1.11.1。你知道问题可能出在哪里吗?