我正在使用NGINX,并且在浏览器控制台中收到该错误。
根据老板的指示,我需要设置cors,我做了什么,但我还是犯了同样的错误。
这是的全部错误
OPTIONS https://backend.just4bettors.mobi/auth/login
XMLHttpRequest cannot load https://backend.just4bettors.mobi/auth/login. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://www.just4bettors.mobi' is therefore not allowed access. The response had HTTP status code 400.
这是配置
map $http_origin $cors_header {
default "";
"~^https?://[^/]+.just4bettors.mobi(:[0-9]+)?$" "$http_origin";
}
server {
large_client_header_buffers 1 1K;
listen 80;
listen 443 ssl;
server_name www.just4bettors.mobi just4bettors.mobi;
root /home/c0pt/capilleira/capilleiraclickandgamblemobile/www;
ssl_certificate /etc/ssl/certs/just4bettors.mobi.chained.crt;
ssl_certificate_key /etc/ssl/private/just4bettors.mobi.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
add_header Access-Control-Allow-Origin $cors_header;
...
}
}
server {
listen 80;
listen 443 ssl;
server_name backend.just4bettors.mobi www.backend.just4bettors.mobi;
ssl_certificate /etc/ssl/certs/just4bettors.mobi.chained.crt;
ssl_certificate_key /etc/ssl/private/just4bettors.mobi.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
add_header Access-Control-Allow-Origin $cors_header;
}
}
我有域和子域,它就像一个名为跨域的东西。
哪里有错误?我的意思是,我已经把一切都安排好了,但仍然要我Access-Control-Allow-Origin,为什么?
ps:我想哭。
您需要在后端设置头,而不是在您的主节位置/下
错误消息基本上说明不允许您从www前端访问后端。
您的后端必须允许backend.just4bettors.mobi和www.backend.just4bettors.mibi作为有效的Origins。。。