取消Access-Control-Allow-Origin:* 之后反而没有跨域问题?

我在浏览器里打开前端页面,提示图中的跨域问题,我将allow的所有限制开放到最广,也没用。

最后注释了 add_header Access-Control-Allow-Origin '*'; 没想到 跨域提示就没有了,为什么会这样?


  user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;

events {
use epoll;
worker_connections 1024;
}

http {

server {
listen 80;
server_name apmserver.xxxxxxxx;
charset utf-8;
access_log main;

location / {
# add_header Access-Control-Allow-Origin '*';
add_header Access-Control-Allow-Credentials 'true';
add_header Access-Control-Allow-Methods 'GET,PUT,POST,OPTIONS,DELETE';
add_header Access-Control-Allow-Headers '*';

proxy_pass http://192.168.10.145:8200;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

location /static {
access_log off;
expires 30d;

alias /app/static;
}
}

server {
listen 443 ssl;
server_name apmserver.xxxxxxxx;
ssl_certificate /usr/local/nginx/cert/lonsid.pem;
ssl_certificate_key /usr/local/nginx/cert/lonsid.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;

location / {
# add_header Access-Control-Allow-Origin '*';
add_header Access-Control-Allow-Methods 'GET,POST,OPTIONS';
add_header Access-Control-Allow-Headers '*';
add_header Access-Control-Allow-Credentials 'true';

proxy_pass http://192.168.10.145:8200;
proxy_set_header Host $http_host;
proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

location /static {
access_log off;
expires 30d;

alias /app/static;
}
}
}  

邀请回答
提问于 2021-01-08 10:31
195 次浏览
共0个回答

发表评论
提问者

wajika

暂无个人介绍

  • 0

    文章

  • 0

    粉丝

  • 0

    被赞

wajika
按Enter键发送
您已邀请位用户
版权所有©F5 Networks,Inc.保留所有权利。京ICP备16013763号-5