stackoom
  简体   繁体   中英

allow cross origin request for laravel route on nginx

 原文  2018-07-20 05:53:37       laravel/ http/ nginx/ cross-domain

Question

I want to access a laravel 5.5 api endpoint https://foo.bar.com/api/v1.0/foo/bar from another origin. Thus I need to allow cross origin requests. I've added the header to my nginx config. Yet my browser still complains about it not being present. This is my nginx config:

server {
   listen       *:443 ssl;

   server_name  foo.bar.com ;
   ssl on;

   ssl_certificate           /etc/nginx/nxv_bhxwewp1idzm.crt;
   ssl_certificate_key       /etc/nginx/nxv_bhxwewp1idzm.key;
   ssl_session_cache         shared:SSL:10m;
   ssl_session_timeout       5m;
   ssl_protocols             TLSv1 TLSv1.1 TLSv1.2;
   ssl_ciphers               "...";
   ssl_prefer_server_ciphers on;
   client_max_body_size 1m;
     index  index.html index.htm index.php;

   access_log            /var/log/nginx/ssl-nxv_bhxwewp1idzm.access.log;
   error_log             /var/log/nginx/ssl-nxv_bhxwewp1idzm.error.log;


   root /var/www/share/foo.bar.com;
   location ~ ^/index\.php(/|$) {


     set $path_info $fastcgi_path_info;
     root  /var/www/share/foo.bar.com/public/;
     fastcgi_index index.php;
     fastcgi_split_path_info ^(.+\.php)(/.*)$;
     try_files $uri $uri/ /index.php$is_args$args;
     include /etc/nginx/fastcgi_params;
     fastcgi_pass 127.0.0.1:9000;
     add_header 'Access-Control-Allow-Origin' '*';

     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

   }
   location / {

    root  /var/www/share/foo.bar.com/public/;
    try_files $uri $uri/ /index.php$is_args$args;
    autoindex off;
    index  index.html index.php;
    add_header 'Access-Control-Allow-Origin' '*';


   }
   sendfile off;
 }

2 answers

solution1
 0 ACCPTED  2018-07-20 08:03:05

I already took the info from the link @DigitalDrifter has posted. But it seems just adding the Access-Control-Allow-Origin isn't enough to get it to work. Although I don't care about access methods and such. So this got the deal working: 

server {
   listen       *:443 ssl;

   server_name  foo.bar.com ;
   ssl on;

   ssl_certificate           /etc/nginx/nxv_bhxwewp1idzm.crt;
   ssl_certificate_key       /etc/nginx/nxv_bhxwewp1idzm.key;
   ssl_session_cache         shared:SSL:10m;
   ssl_session_timeout       5m;
   ssl_protocols             TLSv1 TLSv1.1 TLSv1.2;
   ssl_ciphers               "...";
   ssl_prefer_server_ciphers on;
   client_max_body_size 1m;
     index  index.html index.htm index.php;

   access_log            /var/log/nginx/ssl-nxv_bhxwewp1idzm.access.log;
   error_log             /var/log/nginx/ssl-nxv_bhxwewp1idzm.error.log;


   root /var/www/share/foo.bar.com;
   location ~ ^/index\.php(/|$) {


     set $path_info $fastcgi_path_info;
     root  /var/www/share/foo.bar.com/public/;
     fastcgi_index index.php;
     fastcgi_split_path_info ^(.+\.php)(/.*)$;
     try_files $uri $uri/ /index.php$is_args$args;
     include /etc/nginx/fastcgi_params;
     fastcgi_pass 127.0.0.1:9000;
     add_header 'Access-Control-Allow-Origin' '*';
     add_header 'X-Frame-Options' 'ALLOW-FROM *';
     add_header 'Access-Control-Allow-Credentials' 'true';
     add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
     add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';

     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

   }
   location / {

    root  /var/www/share/foo.bar.com/public/;
    try_files $uri $uri/ /index.php$is_args$args;
    autoindex off;
    index  index.html index.php;
    add_header 'Access-Control-Allow-Origin' '*';
    add_header 'X-Frame-Options' 'ALLOW-FROM *';
    add_header 'Access-Control-Allow-Credentials' 'true';
    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
    add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';


   }
   sendfile off;
 }

solution2
 0  2023-01-10 09:19:36

add both lines into below file

/etc/nginx/sites-available/yours_conf_file 

add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'Content-Type';

and restart nginx server

sudo systemctl restart nginx

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Cross-Origin Request Blocked Laravel Laravel Ajax Cross Origin Request blocked Laravel How to solve Cross-Origin Request Blocked Laravel Ajax request, No 'Access-Control-Allow-Origin' header Laravel POST request Cors No 'Access-Control-Allow-Origin' Laravel Response::json gives cross domain error i browser even if header is Access-Control-Allow-Origin:* Laravel angularjs cross origin session Cross-Origin Request Blocked error with Laravel, barryvdh/laravel-cors & axios on a 404 response Nginx Laravel Route as Codeigniter Nginx Laravel ignore route
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM