使用 URL 重写模块重写 Azure CDN 请求的访问控制允许来源
Rewrite Access Control Allow Origin for Azure CDN Request with URL Rewrite Module
我遇到的情况是 example.com 有多个子域使用相同的 CSS 文件,而这些子域又使用嵌入其中的相同字体文件。 webfont 在下面的 "New Way" 中不断出现跨域 cors 错误。如果在第二次尝试时从 CDN 请求的原始请求中找到 *,则 "Old Way" 工作正常,因为 CDN 设置了 Origin。
我不想这样做,因为它允许任何人使用这些文件。我想做的只是在我的 CDN 请求包含 Header X-MS-CacheID 时写入 *,但它似乎不起作用。它会导致 COR 问题,比如它没有被击中。
知道我的格式是否正确吗?
老办法
<outboundRules>
<rule name="Set Access-Control-Allow-Origin header">
<match serverVariable="RESPONSE_Access-Control-Allow-Origin" pattern="(.*)" />
<action type="Rewrite" value="*" />
</rule>
</outboundRules>
新方式
<outboundRules>
<rule name="Set Access-Control-Allow-Origin header">
<match serverVariable="RESPONSE_Access-Control-Allow-Origin" pattern="(.*)" />
<action type="Rewrite" value="*" />
<conditions>
<add input="HTTP_x_ms_cacheid" pattern=".*" />
</conditions>
</rule>
</outboundRules>
记录的请求
GET https://example.com/home/test?r=777
Connection: Keep-Alive
Accept-Encoding: gzip, br
Cookie: _hp2_id.2757902115=%7B%22userId%22%3Anull%2C%22pageviewId%22%3A%225689423556149444%22%2C%22sessionId%22%3A%221868667023650329%22%2C%22identity%22%3A%2210afdd1785cda40fd3369b7ac259331261f1183c%22%2C%22trackerVersion%22%3A%223.0%22%7D; _ga=GA1.2.937945742.1498499252; __zlcmid=hDgYBKLfkviazc; ajs_anonymous_id=%229aa463a1-0b5b-4813-8743-63927a622489%22; ajs_user_id=%2216754861248%22; ajs_group_id=1336088; rxVisitor=15214949470675C4GAOAP6N7F4G5KA91BTI1MPDG4LLKS; __qca=P0-1799053232-1532395382422; __zlcprivacy=1
Host: example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
upgrade-insecure-requests: 1
X-MS-Ref: 0eEk5XAAAAAAZD5NP0YhTRbA/Fq601jLiQVRBRURHRTEyMTEAOWY2OTZmMDMtODg4My00MzYxLWIwODQtNDc3YzIzYjA3Mjcy, 0eEk5XAAAAACPv5BjdqqhSJV3bz5bv3RMQkwyRURHRTAzMTkAOWY2OTZmMDMtODg4My00MzYxLWIwODQtNDc3YzIzYjA3Mjcy
X-MS-CacheID: 591DC589-C82D-4290-BB1C-0323968866CC, 6696BBA5-FA1D-4A4B-B73C-C55E067D588F
嗯,我想我对 CSS 和字体文件的请求没有 X-MS-CacheID,但有 X-MS-Ref。
<rule name="Set CDN Access-Control-Allow-Origin header" stopProcessing="true">
<match serverVariable="RESPONSE_Access-Control-Allow-Origin" pattern="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="true">
<add input="HTTP_x_ms_ref" pattern=".*" />
</conditions>
<action type="Rewrite" value="*" />
</rule>
我遇到的情况是 example.com 有多个子域使用相同的 CSS 文件,而这些子域又使用嵌入其中的相同字体文件。 webfont 在下面的 "New Way" 中不断出现跨域 cors 错误。如果在第二次尝试时从 CDN 请求的原始请求中找到 *,则 "Old Way" 工作正常,因为 CDN 设置了 Origin。
我不想这样做,因为它允许任何人使用这些文件。我想做的只是在我的 CDN 请求包含 Header X-MS-CacheID 时写入 *,但它似乎不起作用。它会导致 COR 问题,比如它没有被击中。
知道我的格式是否正确吗?
老办法
<outboundRules>
<rule name="Set Access-Control-Allow-Origin header">
<match serverVariable="RESPONSE_Access-Control-Allow-Origin" pattern="(.*)" />
<action type="Rewrite" value="*" />
</rule>
</outboundRules>
新方式
<outboundRules>
<rule name="Set Access-Control-Allow-Origin header">
<match serverVariable="RESPONSE_Access-Control-Allow-Origin" pattern="(.*)" />
<action type="Rewrite" value="*" />
<conditions>
<add input="HTTP_x_ms_cacheid" pattern=".*" />
</conditions>
</rule>
</outboundRules>
记录的请求
GET https://example.com/home/test?r=777
Connection: Keep-Alive
Accept-Encoding: gzip, br
Cookie: _hp2_id.2757902115=%7B%22userId%22%3Anull%2C%22pageviewId%22%3A%225689423556149444%22%2C%22sessionId%22%3A%221868667023650329%22%2C%22identity%22%3A%2210afdd1785cda40fd3369b7ac259331261f1183c%22%2C%22trackerVersion%22%3A%223.0%22%7D; _ga=GA1.2.937945742.1498499252; __zlcmid=hDgYBKLfkviazc; ajs_anonymous_id=%229aa463a1-0b5b-4813-8743-63927a622489%22; ajs_user_id=%2216754861248%22; ajs_group_id=1336088; rxVisitor=15214949470675C4GAOAP6N7F4G5KA91BTI1MPDG4LLKS; __qca=P0-1799053232-1532395382422; __zlcprivacy=1
Host: example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
upgrade-insecure-requests: 1
X-MS-Ref: 0eEk5XAAAAAAZD5NP0YhTRbA/Fq601jLiQVRBRURHRTEyMTEAOWY2OTZmMDMtODg4My00MzYxLWIwODQtNDc3YzIzYjA3Mjcy, 0eEk5XAAAAACPv5BjdqqhSJV3bz5bv3RMQkwyRURHRTAzMTkAOWY2OTZmMDMtODg4My00MzYxLWIwODQtNDc3YzIzYjA3Mjcy
X-MS-CacheID: 591DC589-C82D-4290-BB1C-0323968866CC, 6696BBA5-FA1D-4A4B-B73C-C55E067D588F
嗯,我想我对 CSS 和字体文件的请求没有 X-MS-CacheID,但有 X-MS-Ref。
<rule name="Set CDN Access-Control-Allow-Origin header" stopProcessing="true">
<match serverVariable="RESPONSE_Access-Control-Allow-Origin" pattern="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="true">
<add input="HTTP_x_ms_ref" pattern=".*" />
</conditions>
<action type="Rewrite" value="*" />
</rule>