我有一个 NGINX,其背后有一个 PHP-FPM 实例。OPTIONS
文件系统中存在文件的路径请求应该由 NGINX 处理。对于这些请求,NGINX 应该返回Access-Control-*
CORS 标头。OPTIONS
不存在文件的请求应该传递给 PHP-FPM。
逻辑应该是这样的:
location / {
# In this case: Check if file exists
# - yes: return CORS headers
# - no: pass request to PHP-FPM
if ($request_method = 'OPTIONS') {
# This causes an error
try_files @cors;
}
# Normal request handling for all non-OPTIONS requests:
# Try to serve file directly, fallback to index.php if file does not exist
try_files $uri /index.php$is_args$args;
}
location @cors {
if (-f $request_filename) {
more_set_headers "Access-Control-Allow-Credentials: true";
more_set_headers "Access-Control-Allow-Origin: example.com";
more_set_headers 'Access-Control-Allow-Methods: POST, GET, DELETE, PUT, OPTIONS';
more_set_headers 'Access-Control-Allow-Headers: content-type,ngsw-bypass';
more_set_headers 'Access-Control-Max-Age: 3600';
more_set_headers 'Content-Type: text/plain; charset=UTF-8';
more_set_headers 'Content-Length: 0';
return 204;
}
try_files /index.php$is_args$args;
}
location ~ ^/index\.php(/|$) {
fastcgi_pass localhost:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param SCRIPT_FILENAME /var/www/public/index.php;
fastcgi_param DOCUMENT_ROOT /var/www/public;
fastcgi_param HTTPS $fastcgi_param_https;
# Prevents URIs that include the front controller. This will 404:
# http://domain.tld/index.php/some-path
# Remove the internal directive to allow URIs like this
internal;
}
但这并不适用。因为语句try_files
中不允许使用if
([emerg] 1#1: 此处不允许使用“try_files”指令)。
答案1
您可以使用该error_page
指令来处理文件系统中存在文件路径的 OPTIONS 请求。
location / {
# Try to serve file directly, fallback to index.php if file does not exist
try_files $uri /index.php$is_args$args;
# Handle OPTIONS requests for paths for which a file exists in the file system
if ($request_method = 'OPTIONS') {
if (-f $request_filename) {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain; charset=utf-8';
add_header 'Content-Length' 0;
return 204;
}
}
}
# Pass all other requests to PHP-FPM
location ~ \.php$ {
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
该try_files
指令用于直接提供文件,index.php
如果文件不存在则回退。该if
块检查请求方法是否为 OPTIONS 以及请求的路径中是否存在文件。如果两个条件都为真,NGINX 将在响应中添加必要的 CORS 标头并返回 204 No Content 状态代码。