ini 这是一个nginx配置,它执行以下操作: - 在`example.com`和`api.example.com`之间使用CORS实现RESTful API

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了ini 这是一个nginx配置,它执行以下操作: - 在`example.com`和`api.example.com`之间使用CORS实现RESTful API相关的知识,希望对你有一定的参考价值。

# Configure the reverse-proxy on port 443
server {
  # general configs
  keepalive_timeout    30;
  listen               127.0.0.1:443 ssl;
  server_name          api.example.com;

  # ssl configs
  ssl_certificate      /path/to/api.crt;
  ssl_certificate_key  /path/to/api.key;
  ssl_session_cache    shared:SSL:10m;
  ssl_session_timeout  10m;

  # proxy to the nodejs applciation
  location / {

    # handle OPTIONS requests
    # @note: don't try to DRY out this "if" block, or you're gonna have a bad time.
    # @see: http://wiki.nginx.org/IfIsEvil
    if ($request_method = 'OPTIONS') {
      add_header 'Access-Control-Allow-Credentials' 'true';
      add_header 'Access-Control-Allow-Headers'     'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';
      add_header 'Access-Control-Allow-Methods'     'GET, DELETE, OPTIONS, POST, PUT';
      add_header 'Access-Control-Allow-Origin'      'https://example.com';
      add_header 'Access-Control-Max-Age'           2592000;
      add_header 'Content-Length'                   0;
      add_header 'Content-Type'                     'text/plain charset=UTF-8';
      return 204;
    }

    # proxy to the nodejs application
    client_max_body_size 64G;
    proxy_pass   http://127.0.0.1:8000;

    # send the CORS headers
    add_header 'Access-Control-Allow-Credentials' 'true';
    add_header 'Access-Control-Allow-Origin'      'https://example.com';

    # set additional security headers
    add_header 'Cache-Control'                    'no-cache, no-store, must-revalidate';
    add_header 'Content-Security-Policy'          'connect-src example.com';
    add_header 'Expires'                          '0';
    add_header 'Pragma'                           'no-cache';
    add_header 'Strict-Transport-Security'        'max-age=31536000; includeSubDomains';
    add_header 'X-Content-Type-Options'           'nosniff';
    add_header 'X-Frame-Options'                  'DENY';
    add_header 'X-XSS-Protection'                 '1; mode=block';
  }

  # logs paths
  access_log /path/to/access.log;
  error_log  /path/to/error.log;
}

# Rewrite all trafic on port 80 to 443
server {
  listen         127.0.0.1:80;
  server_name    api.example.com;
  rewrite        ^ https://$server_name:8000$request_uri? permanent;
}

以上是关于ini 这是一个nginx配置,它执行以下操作: - 在`example.com`和`api.example.com`之间使用CORS实现RESTful API的主要内容,如果未能解决你的问题,请参考以下文章

使用 .ebextensions 添加到 nginx 配置

在vagrant homestead上配置php.ini

php.ini优化,,,php-fpm

ini [nginx conf] nginx简易转发配置#nginx

ini Nginx最佳配置(基本配置)

ini Nginx最佳配置(基本配置)