Nginx configures cross-domain status code 200, but reports a CORS error, which is actually cross-domain

Language 2023-06-25 11:32:26 views: null

Nginx configures cross-domain status code 200, but reports a CORS error, which is actually cross-domain

Yesterday, ubuntu released the vue online project through nginx.
Today, when debugging the background interface, there is a cross-domain problem. Since the online is under the same domain name, there will be no cross-domain when calling the interface in the online project. The main problem is that there are cross-domain problems during local debugging;

Solution:

Add this configuration to the nginx configuration

add_header Access-Control-Allow-Methods '*';
add_header Access-Control-Max-Age 3600;
add_header Access-Control-Allow-Credentials true;
add_header Access-Control-Allow-Origin '*';
add_header Access-Control-Allow-Headers $http_access_control_request_headers always;
if ($request_method = OPTIONS) {
    
    
	return 200;
}
// 在server下的location中配置

After configuring, remember to restart it.
At this time, you can access it, but when you call the interface, you will find that the status code in the network returns 200, but the state shows CORS error.
insert image description here
insert image description here
The reason is as follows , I don’t know Sister Li~~
At this time, nginx has been successfully configured.
After constant consultation with Du Niang, I saw a more credible reason: the browser's js engine also follows the same-origin policy when parsing. Since the local browser address is not under the same domain name as the accessed address, it returns cross- domain error.
It is relatively simple to know the reason. You can refer to my previous article for front-end and back-end local joint debugging and cross-domain debugging . Although it is no longer local joint debugging, the method used is the same, using proxy proxy forwarding to fool the browser.
After the proxy proxy is completed according to the cross-domain configuration of the front-end and back-end local joint debugging , you can visit it again.

Formal projects should not configure Access-Control-Allow-Methods '*', it is not safe, because no matter who configures a proxy, they can access your interface, and I have not explained the above nginx configuration, explained It is also misleading readers, because I have a vague concept of it, and I am currently exploring and learning. If you need to know more, please go to Baidu, O(∩_∩)O hahaha~

Share a stepping experience every day~~~

Guess you like

Origin blog.csdn.net/m0_46496355/article/details/123706879
Recommended
Arc Browser for Windows 1.0 officially GA
A programmer born in the 1990s developed a video porting software and made over 7 million in less than a year. The ending was very punishing!
Ranking
1. Select Sort
Create a thread thread
3 press to play ball that reach 6
Programmation CUDA (4) : gestion de la mémoire
SpringBoot database connection pool Druid error
E Diudiu App redesign summary
4EVERLAND Hosting now supports SNS+IPFS
About HTTPS
[vue3+vite+ts+element-plu+sass] uses bug records in sass
Interpretation of HUAWEI CLOUD GaussDB (for Influx): Best Practice Data Modeling
Daily
More
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)

Code World

© 2018 codetd.com