[英]Configuring CORS with NGINX and AWS Elastic Beanstalk
My app is an AWS EC2 instance, I have some problems with a CORS error.我的应用程序是 AWS EC2 实例,我遇到了 CORS 错误的一些问题。
It works great on a local server but not on a production server.它在本地服务器上工作得很好,但在生产服务器上却不行。 My app is an angular 11 app in the frontend.
我的应用程序是前端的 angular 11 应用程序。 Its a Spring Boot API.
它是 Spring 启动 API。 It is deployed in aws elastic beanstalk, I understand that aws uses nginx and this is what is generating the cors error for me
它部署在 aws elastic beanstalk 中,我知道 aws 使用 nginx 这就是为我生成 cors 错误的原因
Then I tried a solution I found around: file path.ebextensions\nginx file nginx.conf然后我尝试了一个我找到的解决方案:file path.ebextensions\nginx file nginx.conf
user nginx;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
worker_processes auto;
worker_rlimit_nofile 33282;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
include conf.d/*.conf;
map $http_upgrade $connection_upgrade {
default "upgrade";
}
server {
listen 80;
server_name dominio.com;
root /var/app/current/public;
location / {
# Simple requests
if ($request_method ~* "(GET|POST)") {
add_header "Access-Control-Allow-Origin" *;
}
# Preflighted requests
if ($request_method = OPTIONS ) {
add_header "Access-Control-Allow-Origin" *;
add_header "Access-Control-Allow-Methods" "GET, POST, OPTIONS, HEAD";
add_header "Access-Control-Allow-Headers" "Authorization, Origin, X-Requested-With, Content-Type, Accept";
return 200;
}
}
location /api {
proxy_pass http://127.0.0.1:5000;
proxy_http_version 1.1;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
access_log /var/log/nginx/access.log main;
client_header_timeout 60;
client_max_body_size 10M;
client_body_timeout 60;
keepalive_timeout 60;
gzip off;
gzip_comp_level 4;
# Include the Elastic Beanstalk generated locations
include conf.d/elasticbeanstalk/01_static.conf;
include conf.d/elasticbeanstalk/healthd.conf;
}
}
Nginx has a configuration file by default located in /etc/nginx/nginx.conf. Nginx 默认有一个配置文件位于 /etc/nginx/nginx.conf 中。 This file has a lot of default properties for all requests and one of these is client_max_body_size.
这个文件有很多用于所有请求的默认属性,其中之一是 client_max_body_size。 The default value for that property is 1MB.
该属性的默认值为 1MB。
in the file I am updating the client_max_body_size to 10MB, but the cors error when I send a file larger than 1 MB still persists:在文件中,我将 client_max_body_size 更新为 10MB,但是当我发送大于 1 MB 的文件时,cors 错误仍然存在:
Access to XMLHttpRequest at 'https://dominio.com/api' from origin 'https://www.dominio.frontend.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
CORS configuration in spring: enter image description here spring 中的 CORS 配置:在此处输入图像描述
The application works fine in production except when I use a field to add files larger than 1MB, at which point it generates the CORS error.该应用程序在生产中运行良好,除非我使用字段添加大于 1MB 的文件,此时它会生成 CORS 错误。
None of this has solved the problem.这些都没有解决问题。 What am I missing here?
我在这里想念什么?
Thanks so much for any help!非常感谢您的帮助!
you should configure CORS in your Spring application.您应该在 Spring 应用程序中配置 CORS。
Create a @Configuration class implementing WebMvConfigurer interface创建一个实现 WebMvConfigurer 接口的@Configuration class
Override method addCorsMappings(), like sample below, which allow all methods, all origins and apply to all API, aka: Global CORS configuration.覆盖方法 addCorsMappings(),如下面的示例,它允许所有方法、所有来源并适用于所有 API,又名:全局 CORS 配置。
@Configuration
public class CorsConfig implements WebMvcConfigurer {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**").allowedMethods("*");
}
}
See the guide below if you want to apply selectively to specific APIs如果您想选择性地应用于特定 API,请参阅下面的指南
Ref: https://spring.io/guides/gs/rest-service-cors/参考: https://spring.io/guides/gs/rest-service-cors/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.