我有一个Ingress配置,我想在一些特定的主机上启用cors头!
我将入口中的注释设置为
nginx.ingress.kubernetes.io/configuration-snippet: |
more_set_headers "Access-Control-Allow-Origin: $http_origin";
nginx.ingress.kubernetes.io/enable-cors: "true"
nginx.ingress.kubernetes.io/cors-allow-credentials: "true"
这很有效,但也会在其他一些主机中设置访问控制允许原点例如:
curl 'https://example.com' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:88.0) Gecko/20100101 Firefox/88.0' -H 'Accept: application/json' -H 'Accept-Language: en,en-US;q=0.7,en;q=0.3' --compressed -H 'Origin: https://hacker.org' -H 'Connection: keep-alive' -v
结果将是Access-Control-Allow-Origin: hacker.org这不是我所期望的!
我想以只在某些特定主机上设置Access-Control-Allow-Origin的方式配置入口!
我试过这个注释!
nginx.ingress.kubernetes.io/configuration-snippet: |
if ($http_origin ~* 'https://example.com') {
more_set_headers "Access-Control-Allow-Origin: $http_origin";
}
nginx.ingress.kubernetes.io/enable-cors: "true"
nginx.ingress.kubernetes.io/cors-allow-credentials: "true"
但不起作用!
我希望ingress配置为仅在某些特定主机上设置Cors标头!
这是由于您启用了corsnginx.ingress.kubernetes.io/enable-cors: "true",因此nginx.ingress.kubernetes.io/cors-allow-origin的默认值*开始发挥作用。只需使用适当的注释对其进行配置,如下所示:
nginx.ingress.kubernetes.io/enable-cors: "true"
nginx.ingress.kubernetes.io/cors-allow-origin: "https://origin-site.com"
更多信息可在此处找到:https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#enable-cors