#如果服务端是 Nginx 的 以参考 |
|
# Acts as a nginx HTTPS proxy server | |
# enabling CORS only to domains matched by regex | |
# /https?://.*\.mckinsey\.com(:[0-9]+)?)/ | |
# | |
# Based on: | |
# * http://blog.themillhousegroup.com/2013/05/nginx-as-cors-enabled-https-proxy.html | |
# * http://enable-cors.org/server_nginx.html | |
# | |
server { | |
listen 443 default_server ssl; | |
server_name localhost; | |
# Fake certs - fine for development purposes :-) | |
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; | |
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; | |
ssl_session_timeout 5m; | |
location / { | |
proxy_redirect off; | |
proxy_set_header Host $host; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
# Nginx doesn't support nested If statements, so we | |
# concatenate compound conditions on the $cors variable | |
# and process later | |
# If request comes from allowed subdomain | |
# (*.mckinsey.com) then we enable CORS | |
if ($http_origin ~* (https?://.*\.mckinsey\.com(:[0-9]+)?$)) { | |
set $cors "1"; | |
} | |
# OPTIONS indicates a CORS pre-flight request | |
if ($request_method = 'OPTIONS') { | |
set $cors "${cors}o"; | |
} | |
# Append CORS headers to any request from | |
# allowed CORS domain, except OPTIONS | |
if ($cors = "1") { | |
more_set_headers 'Access-Control-Allow-Origin: $http_origin'; | |
more_set_headers 'Access-Control-Allow-Credentials: true'; | |
proxy_pass http://serverIP:serverPort; | |
} | |
# OPTIONS (pre-flight) request from allowed | |
# CORS domain. return response directly | |
if ($cors = "1o") { | |
more_set_headers 'Access-Control-Allow-Origin: $http_origin'; | |
more_set_headers 'Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE'; | |
more_set_headers 'Access-Control-Allow-Credentials: true'; | |
more_set_headers 'Access-Control-Allow-Headers: Origin,Content-Type,Accept'; | |
add_header Content-Length 0; | |
add_header Content-Type text/plain; | |
return 204; | |
} | |
# Requests from non-allowed CORS domains | |
proxy_pass http://serverIP:serverPort; | |
} | |
} |
转载于:https://juejin.im/post/5d0c414b6fb9a07ebb053aff