NGINX – 仅影响Firefox的CORS错误

前端之家收集整理的这篇文章主要介绍了NGINX – 仅影响Firefox的CORS错误前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。

这是Nginx的一个问题,只影响firefox.我有这个配置:
http://pastebin.com/q6Yeqxv9

upstream connect {
        server 127.0.0.1:8080;
}

server {
        server_name admin.example.com www.admin.example.com;
        listen 80;
        return 301 https://admin.example.com$request_uri;
}

server {
        listen 80;
        server_name ankieta.example.com www.ankieta.example.com;
        add_header Access-Control-Allow-Origin $http_origin;
        add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,PATCH,DELETE';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Headers' 'Access-Control-Request-Method,Access-Control-Request-Headers,Cache,Pragma,Authorization,Accept,Accept-Encoding,Accept-Language,Host,Referer,Content-Length,Origin,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
        return 301 https://ankieta.example.com$request_uri;
}

server {
        server_name admin.example.com;
        listen 443 ssl;
        ssl_certificate /srv/ssl/14182263.pem;
        ssl_certificate_key /srv/ssl/admin_i_ankieta.example.com.key;

        ssl_protocols SSLv3 TLSv1;
        ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;

        location / {
                proxy_pass http://connect;
        }
}

server {
        server_name ankieta.example.com;
        listen 443 ssl;
        ssl_certificate /srv/ssl/14182263.pem;
        ssl_certificate_key /srv/ssl/admin_i_ankieta.example.com.key;

        ssl_protocols SSLv3 TLSv1;
        ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;

        root /srv/limesurvey;
        index index.PHP;

        add_header 'Access-Control-Allow-Origin' $http_origin;
        add_header 'Access-Control-Allow-Methods' 'GET,Content-Type';

        client_max_body_size 4M;

        location / {
                try_files $uri $uri/ /index.PHP?q=$uri&$args;
        }

        location ~ /*.PHP${

                fastcgi_split_path_info ^(.+\.PHP)(/.+)$;
                #NOTE: You should have "cgi.fix_pathinfo = 0;" in PHP.ini
                include fastcgi_params;
                fastcgi_param SCRIPT_FILENAME /srv/limesurvey$fastcgi_script_name;
#                       fastcgi_param HTTPS $https;
                fastcgi_intercept_errors on;
                fastcgi_pass 127.0.0.1:9000;
        }

        location ~* \.(js|css|png|jpg|jpeg|gif|ico)${
                expires max;
                log_not_found off;
        }


}

这基本上是一个AngularJS应用程序和一个程序(LimeSurvey),由同一个Web服务器(Nginx)在两个不同的域下提供服务. AngularJS实际上由ConnectJS提供服务,由Nginx代理(ConnectJS仅在localhost上侦听).

在Firefox控制台中,我得到了这个:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading
the remote resource at
07001. This can be fixed by
moving the resource to the same domain or enabling CORS.

这当然很烦人.
其他浏览器工作正常(Chrome,IE).

有什么建议吗?

最佳答案
问题出现了,因为Firefox没有授权API的SSL证书.通过使用Firefox导航到端点来信任站点的证书可以暂时解决问题,同时永久更改证书.

Firefox和LimeSurvey远程控制API的标题问题可以通过代理固定标头值或发送blob来修复,如https://stackoverflow.com/questions/24465304/trouble-changing-request-headers-in-firefox-with-angularjs所示

猜你在找的Nginx相关文章