Apache与NGINX下Control-Allow-Origin * 设置

August 31, 2020

41569 views

1203 words

介绍
--

网站一般在需要共享资源给其他网站时（跨域传递数据），才会设置access-control-allow-origin HTTP头
设置`Access-Control-Allow-Origin`，可以解决多域名跨域问题
`Access-Control-Allow-Origin *` 等所有网站都可以跨域访问
`Access-Control-Allow-Origin gqink.cn` 允许`gqink.cn`跨域访问

Apache
------

<IfModule mod_headers.c>
    
        Header set Access-Control-Allow-Origin: "*"
    
        Header set Access-Control-Allow-Methods: "GET,POST,PUT,DELETE,OPTIONS"
    
        Header set Access-Control-Allow-Headers: "Content-Type"
    
    </IfModule>
> 添加到httpd.conf最下面

NGINX
-----

add_header 'Access-Control-Allow-Origin' '*';
    add_header 'Access-Control-Allow-Methods' 'PUT,POST,GET,DELETE,OPTIONS';
    add_header 'Access-Control-Allow-Headers' 'Content-Type,Content-Length, Authorization, Accept,X-Requested-With';
或

location / {  
      add_header Access-Control-Allow-Origin *;
      add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept";
      add_header Access-Control-Allow-Methods "GET, POST, OPTIONS";
    }

> 将代码添加到NGINX

HTML
----

Java
----

response.setHeader("Access-Control-Allow-Origin", "*");

.net
----

Response.AddHeader("Access-Control-Allow-Origin", "*");

Last modification：November 18, 2020