strict-origin-when-cross-origin怎么在ngixn中解决
时间: 2023-11-27 15:48:08 浏览: 40
在Nginx中解决strict-origin-when-cross-origin问题,可以通过在Nginx配置文件中添加以下内容来实现:
```nginx
add_header 'Access-Control-Allow-Origin' '$http_origin' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '$http_origin' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
add_header 'Access-Control-Max-Age' 1728000 always;
add_header 'Content-Type' 'text/plain charset=UTF-8' always;
add_header 'Content-Length' 0 always;
return 204;
}
```
这段代码将在响应头中添加Access-Control-Allow-Origin、Access-Control-Allow-Credentials、Access-Control-Allow-Methods和Access-Control-Allow-Headers等信息,以允许跨域请求。同时,如果请求方法为OPTIONS,则会返回204状态码,表示请求成功,但没有响应体。