加入到 server下
add_header Access-Control-Allow-Origin '$http_origin'; add_header Access-Control-Allow-Credentials true;