NGINX – 仅影响Firefox的CORS错误

这是Nginx的一个问题,只影响firefox.我有这个配置:http://pastebin.com/q6Yeqxv9upstream connect { server 127.0.0.1:8080; } server { server_name admin.example.com www.admin.example.com

这是Nginx的一个问题,只影响firefox.我有这个配置:
http://pastebin.com/q6Yeqxv9

upstream connect {
        server 127.0.0.1:8080;
}

server {
        server_name admin.example.com www.admin.example.com;
        listen 80;
        return 301 https://admin.example.com$request_uri;
}

server {
        listen 80;
        server_name ankieta.example.com www.ankieta.example.com;
        add_header Access-Control-Allow-Origin $http_origin;
        add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,PATCH,DELETE';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Headers' 'Access-Control-Request-Method,Access-Control-Request-Headers,Cache,Pragma,Authorization,Accept,Accept-Encoding,Accept-Language,Host,Referer,Content-Length,Origin,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
        return 301 https://ankieta.example.com$request_uri;
}

server {
        server_name admin.example.com;
        listen 443 ssl;
        ssl_certificate /srv/ssl/14182263.pem;
        ssl_certificate_key /srv/ssl/admin_i_ankieta.example.com.key;

        ssl_protocols SSLv3 TLSv1;
        ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;

        location / {
                proxy_pass http://connect;
        }
}

server {
        server_name ankieta.example.com;
        listen 443 ssl;
        ssl_certificate /srv/ssl/14182263.pem;
        ssl_certificate_key /srv/ssl/admin_i_ankieta.example.com.key;

        ssl_protocols SSLv3 TLSv1;
        ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;

        root /srv/limesurvey;
        index index.php;

        add_header 'Access-Control-Allow-Origin' $http_origin;
        add_header 'Access-Control-Allow-Methods' 'GET,Content-Type';

        client_max_body_size 4M;

        location / {
                try_files $uri $uri/ /index.php?q=$uri&$args;
        }

        location ~ /*.php${

                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
                include fastcgi_params;
                fastcgi_param SCRIPT_FILENAME /srv/limesurvey$fastcgi_script_name;
#                       fastcgi_param HTTPS $https;
                fastcgi_intercept_errors on;
                fastcgi_pass 127.0.0.1:9000;
        }

        location ~* \.(js|css|png|jpg|jpeg|gif|ico)${
                expires max;
                log_not_found off;
        }


}

这基本上是一个AngularJS应用程序和一个PHP应用程序(LimeSurvey),由同一个Web服务器(Nginx)在两个不同的域下提供服务. AngularJS实际上由ConnectJS提供服务,由Nginx代理(ConnectJS仅在localhost上侦听).

在Firefox控制台中,我得到了这个:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading
the remote resource at
07001. This can be fixed by
moving the resource to the same domain or enabling CORS.

这当然很烦人.
其他浏览器工作正常(Chrome,IE).

有什么建议吗?

最佳答案
问题出现了,因为Firefox没有授权API的SSL证书.通过使用Firefox导航到端点来信任站点的证书可以暂时解决问题,同时永久更改证书.

Firefox和LimeSurvey远程控制API的标题问题可以通过代理固定标头值或发送blob来修复,如https://stackoverflow.com/questions/24465304/trouble-changing-request-headers-in-firefox-with-angularjs所示

作者: dawei

【声明】:永州站长网内容转载自互联网,其相关言论仅代表作者个人观点绝非权威,不代表本站立场。如您发现内容存在版权问题,请提交相关链接至邮箱:bqsm@foxmail.com,我们将及时予以处理。

为您推荐

联系我们

联系我们

0577-28828765

在线咨询: QQ交谈

邮箱: xwei067@foxmail.com

工作时间:周一至周五,9:00-17:30,节假日休息

返回顶部