如何允许从Nginx中的子域访问域?
[英]How to allow access to domain from subdomain in nginx?
问题描述
Using nginx, I have an html file served at sub.example.com which needs to get its json data from example.com 
使用nginx,我在sub.example.com提供了一个html文件,该文件需要从example.com获取其json数据。
But the json is not loaded. 但是未加载json。 Instead, in Chrome browser I get: 相反,在Chrome浏览器中,我得到:
The 'Access-Control-Allow-Origin' header has a value 'https://example.com' that is not equal to the supplied origin. Origin 'http://sub.example.com' is therefore not allowed access.
How can I fix this? 我怎样才能解决这个问题?
1 个解决方案
解决方案1
0 2018-05-15 20:59:45
You need to set CORS headers on your example.com server to allow the domain sub.example.com to use this resource, for example: 您需要在example.com服务器上设置CORS标头,以允许域sub.example.com使用此资源,例如:
Access-Control-Allow-Origin 访问控制允许来源
add_header Access-Control-Allow-Origin "https://sub.example.com" always;
add_header Access-Control-Allow-Headers "Origin, Content-Type, Accept" always;
add_header Access-Control-Allow-Methods "GET, POST, PUT, OPTIONS, DELETE" always;
OR 要么
add_header Access-Control-Allow-Origin "https://*.example.com" always;
add_header Access-Control-Allow-Headers "Origin, Content-Type, Accept" always;
add_header Access-Control-Allow-Methods "GET, POST, PUT, OPTIONS, DELETE" always;
You need to set it in a server that handles the Json. 您需要在处理Json的服务器中进行设置。 You can allow * in CORS, but it isn't recommended. 您可以在CORS中允许*,但不建议使用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.