nginx配置允许指定域名下所有二级域名跨域请求

Posted on | In | 0 comments | Visitors:

跨域资源共享 CORS
核心原理是根据请求域名匹配是否是某域名的二级域名判断是否添加允许跨越头。
比如你想设置amy.com和kk.com下的子域名都可以跨域方案
需要在请求不能设置*
可以用nginx用$http_origin这样配置

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
server {
 listen 443 ssl;
    server_name  xxx.xxx.com;
    index index.html index.htm index.jsp;

    ssl_certificate         /server.pem;#证书的.cer文件路径
    ssl_certificate_key     /server-key.pem;#证书的.key文件
    set $flag '0';
    location / {
       if ($http_origin ~* "(https?:\/\/.*\.amy\.com($|\/))") {
           set $flag '1';
        }
    if ($http_origin ~* "(https?:\/\/.*\.kk\.com($|\/))") {
           set $flag '1';
        }
    if ($flag = '1') {
            #add_header Access-Control-Allow-Origin "*";
            add_header Access-Control-Allow-Origin "$http_origin";
            ###带上用户认证信息
            add_header Access-Control-Allow-Credentials  true;
            ##允许的方法post,get
            add_header Access-Control-Allow-Methods  "POST, GET, PUT, PATCH, DELETE";
            add_header Access-Control-Allow-Headers "xxx-xx-xx";
        }
       proxy_pass http://all_domians_default_http_upstream;#转向tomcat处理
       proxy_set_header Host $host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Scheme  $scheme;#将scheme协议头发送给tomcat
    }
}