如何在 Apache（或者应该是 Nginx？）上启用 CORS，它充当另一个本地 Nginx 服务器的代理？

Question

我在我的机器上部署了两个网络服务器，一个是启动 PHP5.3 的 Apache（端口 80），另一个是启动 PHP 7.0.2 的 Nginx（端口 8080）。

我让 Apache 充当 Nginx 的代理。

---

我设置了一个Apache的VirtualHost，下面是设置：

<VirtualHost *:80>
    ServerAdmin 369273264@qq.com
    ServerName wxforum.com
    ServerAlias wxforum.com

    Header set Access-Control-Allow-Origin "http://wxforum.com"

    ErrorLog "/private/var/log/apache2/wxforum.com-error_log"
    CustomLog "/private/var/log/apache2/wxforum-access_log" common

    ProxyPass / http://127.0.0.1:8080/
    ProxyPassReverse / http://127.0.0.1:8080/
</VirtualHost>

---

下面是Nginx的部分设置：

server {

    listen       8080;
    server_name  localhost;
    set $root_path '/usr/local/var/www';
    root $root_path;
    #index  index.php index.html index.htm

    #charset koi8-r;

    access_log  /usr/local/var/log/nginx/localhost.access.log  main;
    error_log  /usr/local/var/log/nginx/localhost.error.log;


    location / {

            index  index.php index.html index.htm;
            try_files $uri $uri/ /index.php$is_args$query_string;
    }


    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   $root_path;
    }



    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    location ~ \.php$ {
        #root           html;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  /index.php;

        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }

}

---

现在当我访问http://wxforum.com 时，Nginx 可以工作，但是当我发出 AJAX 请求时，它会失败，并显示：

XMLHttpRequest cannot load http://127.0.0.1:8080/_debugbar/open?op=get&id=9932e2decca12d5f5109a1a61d4ce5dc. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://wxforum.com' is therefore not allowed access..

在这种情况下，如何在纯 Web 服务器上启用 CORS？

Answer 1

看了Using CORS,CORS on Nginx后解决了我的问题，不需要编辑Apache的配置文件，非常感谢！

最后，我的nginx.conf如下：

server {
    listen       8080;
    server_name  localhost;

    set $root_path '/usr/local/var/www';
    root $root_path;

    #charset koi8-r;

    access_log  /usr/local/var/log/nginx/localhost.access.log  main;
    error_log  /usr/local/var/log/nginx/localhost.error.log;    
    index  index.php index.html index.htm;


    # enable CORS
    # http://www.html5rocks.com/en/tutorials/cors/#toc-cors-server-flowchart
    # http://enable-cors.org/server_nginx.html
    # http://stackoverflow.com/questions/14499320/how-to-properly-setup-nginx-access-control-allow-origin-into-response-header-bas/29113949#29113949
    set $allow_origin 'http://wxforum.com';

    add_header 'Access-Control-Allow-Origin' $allow_origin;
    add_header 'Access-Control-Allow-Methods' 'GET, POST';
    add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';


    location / {
        # add_header Access-Control-Allow-Origin $cors_header;
        try_files $uri $uri/ /index.php$is_args$query_string;
    }
    ...
}