如何在NGINX上允許CORS

Question

所以我希望我的域名scanner-api.local接受移動設備/網絡應用發送的文件。

我得到

以下錯誤

MLHttpRequest無法加載http://scanner-api.local/upload。否 「訪問控制 - 允許來源」標題出現在請求的 資源中。原因'http://localhost:3000'因此不允許 訪問。

我嘗試添加以下在我的Nginx服務器，但它不工作，Nginx的崩潰

代碼

server { 
    listen 80; 
    listen [::]:80; 

    # SSL configuration 
    # 
    # listen 443 ssl default_server; 
    # listen [::]:443 ssl default_server; 
    # 
    # Note: You should disable gzip for SSL traffic. 
    # See: https://bugs.debian.org/773332 
    # 
    # Read up on ssl_ciphers to ensure a secure configuration. 
    # See: https://bugs.debian.org/765782 
    # 
    # Self signed certs generated by the ssl-cert package 
    # Don't use them in a production server! 
    # 
    # include snippets/snakeoil.conf; 

    root /var/www/stock_scan_api/public/; 

    # Add index.php to the list if you are using PHP 
    index index.php index.html index.htm index.nginx-debian.html; 

    server_name scanner-api.local; 

    #location/{ 
    # # First attempt to serve request as file, then 
    # # as directory, then fall back to displaying a 404. 
    # try_files $uri $uri/ =404; 
    #} 

    location/{ 
       # First attempt to serve request as file, then 
       # as directory, then fall back to displaying a 404. 
       try_files $uri $uri/ /index.php?$query_string; 
       # Uncomment to enable naxsi on this location 
       # include /etc/nginx/naxsi.rules 
     } 

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 
    # 
    location ~ \.php$ { 
     include snippets/fastcgi-php.conf; 

     # With php7.0-cgi alone: 
    # fastcgi_pass 127.0.0.1:9000; 
    # # With php7.0-fpm: 
     fastcgi_pass unix:/run/php/php7.0-fpm.sock; 
    } 

    # deny access to .htaccess files, if Apache's document root 
    # concurs with nginx's one 
    # 
    #location ~ /\.ht { 
    # deny all; 
    #} 
location/{ 
    if ($request_method = 'OPTIONS') { 
    add_header 'Access-Control-Allow-Origin' '*'; 
    add_header 'Access-Control-Allow-Credentials' 'true'; 
    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; 
    add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; 
    add_header 'Access-Control-Max-Age' 1728000; 
    add_header 'Content-Type' 'text/plain charset=UTF-8'; 
    add_header 'Content-Length' 0; 
    return 204; 
    } 
    if ($request_method = 'POST') { 
    add_header 'Access-Control-Allow-Origin' '*'; 
    add_header 'Access-Control-Allow-Credentials' 'true'; 
    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; 
    add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; 
    } 
    if ($request_method = 'GET') { 
    add_header 'Access-Control-Allow-Origin' '*'; 
    add_header 'Access-Control-Allow-Credentials' 'true'; 
    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; 
    add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; 
    } 
} 
} 

什麼能在這個錯誤？

Answer 1

嘗試移除周圍像標題和值的單引號：

add_header訪問控制允許來源*;