1.Nginx通过CORS实现跨域
add_header 'Access-Control-Allow-Origin' 'https://wlt-client.tourismshow.cn' always; Access-Control-Allow-Credentials: true always; https://mp.weixin.qq.com/s?__biz=MzI3MTI2NzkxMA==&mid=2247484408&idx=1&sn=5c64dd43ff2060e1c4a22d93e4e887c9&chksm=eac522d1ddb2abc7b576878a2e85204f988a38f9294158a139a51c2df540e40a8c6bef112c8e&mpshare=1&scene=1&srcid=0527Z34YTJ9oL6xCZUtNrE6w&sharer_sharetime=1590565036008&sharer_shareid=9740bba782c9689ef96565edaf6756f2&rd2werd=1#wechat_redirect https://www.jianshu.com/p/c03d33663cfc 参考:https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Access_control_CORS
2. 当A、B两个网站属于不同域时,来自于A网站页面中的JavaScript代码访问B网站时,浏览器会拒绝该访问。
设置跨域资源共享 - 对象存储 OSS - 阿里云 (aliyun.com)
3. 阿里云跨域设置
* GET POST PUT DELETE HEAD * ETag x-oss-request-id 3600
4. nginx跨域设置
server { listen 8099; location / { set $origin_flag true; if ($request_method = 'OPTIONS') { set $origin_flag false; } if ($request_method = 'GET') { set $origin_flag false; } if ($origin_flag = true) { add_header Access-Control-Allow-Origin *; } add_header Access-Control-Allow-Headers "content-md5,token,x-oss-security-token,x-oss-date,x-oss-user-agent,$http_access_control_allow_headers"; #不能使用upstream的方式,如使用后,直接方式URL后会报no such bucket #这是因为模拟器会把upstream的名称解析为bucketname。 proxy_pass http://127.0.0.1:8999; } }
配置跨域:nginx add_header not working - Stack Overflow
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
add_header PS 1