Web development of micro-channel config: invalid signature

config: invalid signature can troubleshoot the following ways

1. JS interface security domain settings problem: it should contain only the domain name, such as https://i.cnblogs.com  domain name is i.cnblogs.com

2. wx.config configuration parameters related requirements
   1. Timestamp (timestamp) a precision of seconds, not milliseconds
   2. nonceStr field name 's' is capitalized.
   3. appid and get jsapi_ticket used must be the same appid
   4. URL-signature (encrypted)
      1. For encrypted URL, including https: // or http: // and later include the parameters, not including the contents after the #?.
         For example:
         an encrypted URL is: http://abc.com/ a.html adasd = 1 # localion?
         Then the correct URL encryption should be: http://abc.com/ ? A.html adasd = 1
      2. Front-end to back-end sha1 send encrypted url is the current URL js page, instead of obtaining a signature verification URL interfaces
         such as: 
         the current page URL is    http://abc.com/ a.html 
         get appId, timestamp, nonceStr, signature of URL interface is a    http://abc.com/ aaa / getSignature.html
         then encrypted URL should be  http://abc.com/ a.html 
      3. Get used to encrypt the back-end of the URL to dynamically obtain.
3. Access_token need to cache and jsapi_ticket, because otherwise I might set a different value each time you get, Authentication failed.
4. After the user authorization callback, Page path will add two parameters: code and state
   , such as:

   After the authorization for the jump page: http: //abc.com
   then after adding parameters will become:

   http://abc.com?code=asdasd&state=STATE

   If the direct use location.href.split ( '#') [0 ] to obtain the URL of the current page, will state as a parameter query causes an error
   right to obtain signature URL: encodeURIComponent (location.href.split ( '# ') [0])
5. Signature Algorithm error:
   Use http://mp.weixin.qq.com/debug/cgi-bin/sandbox?t=jsapisign  page verification tool
   
6. Server ip not on the white list of
   the public numbers background -> Basic Configuration -> Set IP whitelist
   
7. Access_token get more than the daily limit, after the token expires signature failure
8. Reverse Proxy is not set correctly
   nginx configure a reverse proxy code: proxy_set_header Host $ HTTP_HOST ;