我一个Biz服务发布在本地，一个在生产环境，在请求的时候一个跨域，一个正常

1条回答

2025-07-03 11:11

要调用成功，需要Gateway能联通这些注册到nacos的实际IP+端口

nginx反向代理跨域可参考这个配置

 location /api {
        
        # 隐藏后端返回的 CORS 头部
        proxy_hide_header 'Access-Control-Allow-Origin';
        proxy_hide_header 'Access-Control-Allow-Methods';
        proxy_hide_header 'Access-Control-Allow-Headers';
        proxy_hide_header 'Access-Control-Allow-Credentials';
        proxy_hide_header 'Access-Control-Expose-Headers';
        proxy_hide_header 'Access-Control-Max-Age';
        
        # 所有非OPTIONS请求的CORS头部
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
        add_header 'Access-Control-Allow-Headers' 'DNT,X-Requested-With,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,token,Blade-Auth,Blade-Requested-With,Tenant-Id' always;
        add_header 'Access-Control-Allow-Credentials' 'true' always;
        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
        
        
        # 处理OPTIONS预检请求
        if ($request_method = 'OPTIONS') {
            add_header 'Access-Control-Allow-Origin' '*';
            add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
            add_header 'Access-Control-Allow-Headers' 'DNT,X-Requested-With,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,token,Blade-Auth,Blade-Requested-With,Tenant-Id' always;
            add_header 'Access-Control-Max-Age' 3600;  # 预检请求的缓存时间
            add_header 'Content-Length' 0;
            add_header 'Content-Type' 'text/plain charset=UTF-8';
            return 204;  # 返回204响应，表示成功，但不返回数据
        }
        
        # 原来的代理配置
        proxy_redirect              off;
        proxy_set_header            Host $host;
        proxy_set_header            X-real-ip $remote_addr;
        proxy_set_header            X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass                  http://127.0.0.1:8800/;
    }

	location /api {

	# 隐藏后端返回的 CORS 头部
	proxy_hide_header 'Access-Control-Allow-Origin';
	proxy_hide_header 'Access-Control-Allow-Methods';
	proxy_hide_header 'Access-Control-Allow-Headers';
	proxy_hide_header 'Access-Control-Allow-Credentials';
	proxy_hide_header 'Access-Control-Expose-Headers';
	proxy_hide_header 'Access-Control-Max-Age';

	# 所有非OPTIONS请求的CORS头部
	add_header 'Access-Control-Allow-Origin' '*';
	add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
	add_header 'Access-Control-Allow-Headers' 'DNT,X-Requested-With,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,token,Blade-Auth,Blade-Requested-With,Tenant-Id' always;
	add_header 'Access-Control-Allow-Credentials' 'true' always;
	add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;


	# 处理OPTIONS预检请求
	if ($request_method = 'OPTIONS') {
	add_header 'Access-Control-Allow-Origin' '*';
	add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
	add_header 'Access-Control-Allow-Headers' 'DNT,X-Requested-With,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,token,Blade-Auth,Blade-Requested-With,Tenant-Id' always;
	add_header 'Access-Control-Max-Age' 3600; # 预检请求的缓存时间
	add_header 'Content-Length' 0;
	add_header 'Content-Type' 'text/plain charset=UTF-8';
	return 204; # 返回204响应，表示成功，但不返回数据
	}

	# 原来的代理配置
	proxy_redirect off;
	proxy_set_header Host $host;
	proxy_set_header X-real-ip $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_pass http://127.0.0.1:8800/;
	}