由于 Access-Control-Allow-Origin 而出现错误。 (NGINX)
Getting error due to Access-Control-Allow-Origin. (NGINX)
我正在使用 NGINX,我在浏览器的控制台中收到该错误。
根据我老板的指示,我需要设置 cors,但我仍然遇到同样的错误。
这是整个错误
OPTIONS https://backend.just4bettors.mobi/auth/login
XMLHttpRequest cannot load https://backend.just4bettors.mobi/auth/login. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://www.just4bettors.mobi' is therefore not allowed access. The response had HTTP status code 400.
这是配置
map $http_origin $cors_header {
default "";
"~^https?://[^/]+\.just4bettors\.mobi(:[0-9]+)?$" "$http_origin";
}
server {
large_client_header_buffers 1 1K;
listen 80;
listen 443 ssl;
server_name www.just4bettors.mobi just4bettors.mobi;
root /home/c0pt/capilleira/capilleiraclickandgamblemobile/www;
ssl_certificate /etc/ssl/certs/just4bettors.mobi.chained.crt;
ssl_certificate_key /etc/ssl/private/just4bettors.mobi.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
add_header Access-Control-Allow-Origin $cors_header;
...
}
}
server {
listen 80;
listen 443 ssl;
server_name backend.just4bettors.mobi www.backend.just4bettors.mobi;
ssl_certificate /etc/ssl/certs/just4bettors.mobi.chained.crt;
ssl_certificate_key /etc/ssl/private/just4bettors.mobi.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
add_header Access-Control-Allow-Origin $cors_header;
}
}
我有域和子域,这就像一个名为跨域的东西。
我哪里出错了?我的意思是,我已经设置好所有内容,但仍然要求我提供 Access-Control-Allow-Origin,为什么?
ps: 想哭
您需要在后端设置 header,而不是在您的主要部分位置 /
错误消息基本上表明您不能从您的 www 前端访问后端。
您的后端必须允许 backend.just4bettors.mobi 和 www.backend.just4bettors.mobi 作为有效来源...
我正在使用 NGINX,我在浏览器的控制台中收到该错误。
根据我老板的指示,我需要设置 cors,但我仍然遇到同样的错误。
这是整个错误
OPTIONS https://backend.just4bettors.mobi/auth/login
XMLHttpRequest cannot load https://backend.just4bettors.mobi/auth/login. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://www.just4bettors.mobi' is therefore not allowed access. The response had HTTP status code 400.
这是配置
map $http_origin $cors_header {
default "";
"~^https?://[^/]+\.just4bettors\.mobi(:[0-9]+)?$" "$http_origin";
}
server {
large_client_header_buffers 1 1K;
listen 80;
listen 443 ssl;
server_name www.just4bettors.mobi just4bettors.mobi;
root /home/c0pt/capilleira/capilleiraclickandgamblemobile/www;
ssl_certificate /etc/ssl/certs/just4bettors.mobi.chained.crt;
ssl_certificate_key /etc/ssl/private/just4bettors.mobi.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
add_header Access-Control-Allow-Origin $cors_header;
...
}
}
server {
listen 80;
listen 443 ssl;
server_name backend.just4bettors.mobi www.backend.just4bettors.mobi;
ssl_certificate /etc/ssl/certs/just4bettors.mobi.chained.crt;
ssl_certificate_key /etc/ssl/private/just4bettors.mobi.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
add_header Access-Control-Allow-Origin $cors_header;
}
}
我有域和子域,这就像一个名为跨域的东西。
我哪里出错了?我的意思是,我已经设置好所有内容,但仍然要求我提供 Access-Control-Allow-Origin,为什么?
ps: 想哭
您需要在后端设置 header,而不是在您的主要部分位置 /
错误消息基本上表明您不能从您的 www 前端访问后端。
您的后端必须允许 backend.just4bettors.mobi 和 www.backend.just4bettors.mobi 作为有效来源...