我们前端使用微应用的方式,不能匹配所有域名只能使用指定域名,此时用Nginx去做的add header,但是报了以下错误,我应该如何处理呢
has been blocked by CORS policy: Request header field blade-auth is not allowed by Access-Control-Allow-Headers in preflight response.
检查一下allow-headers的配置,bladex默认需要这些请求头:
X-Requested-With, Tenant-Id, Blade-Auth, Content-Type, Authorization, credential, X-XSRF-TOKEN, token, username, client, knfie4j-gateway-request, knife4j-gateway-code, request-origion
nginx配置参考这个
server {
listen 80; # 或者使用的其他端口
server_name your-domain.com; # 替换为域名
location / {
# 添加 CORS 相关的头信息
add_header 'Access-Control-Allow-Origin' 'https://allowed-domain.com'; # 替换为允许的域名
add_header 'Access-Control-Allow-Methods' 'GET,POST,PUT,DELETE,OPTIONS,HEAD'; # 允许的方法
add_header 'Access-Control-Allow-Headers' 'Content-Type, blade-auth'; # 允许的请求头
# 处理预检请求
if ($request_method = OPTIONS) {
add_header 'Access-Control-Allow-Origin' 'https://allowed-domain.com'; # 替换为允许的域名
add_header 'Access-Control-Allow-Methods' 'GET,POST,PUT,DELETE,OPTIONS,HEAD';
add_header 'Access-Control-Allow-Headers' 'X-Requested-With, Tenant-Id, Blade-Auth, Content-Type, Authorization, credential, X-XSRF-TOKEN, token, username, client, knfie4j-gateway-request, knife4j-gateway-code, request-origion';
add_header 'Content-Length' 0;
return 204; # 返回204 No Content
}
# 其他配置...
proxy_pass http://your_backend; # 替换为后端服务
}
}
扫一扫访问 Blade技术社区 移动端
加载中...
苏公网安备 32041102000998号