Nginx后缺少响应标头[关闭]
Posted
技术标签:
【中文标题】Nginx后缺少响应标头[关闭]【英文标题】:Response headers missing after Nginx [closed] 【发布时间】:2021-07-07 21:04:39 【问题描述】:我在 nodejs/express Rest API 之上设置了一个 nginx 反向代理。
在 Nodejs 的 rest api 上设置了 CORS 标头。 如果我直接对这个 api 进行 curl 调用,我会得到以下响应(使用 Access-Control-Allow-Origin:https://example.fun ...)
curl 'http://auth_auth-node:3005/api/v1/auth/signin' \
-IL \
-X 'POST' \
-H 'Connection: keep-alive' \
-H 'Content-Length: 0' \
-H 'sec-ch-ua: "Google Chrome";v="89", "Chromium";v="89", ";Not A Brand";v="99"' \
-H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_2_3) AppleWebKit/537.36 (Khtml, like Gecko) Chrome/89.0.4389.114 Safari/537.36' \
-H 'sec-ch-ua-mobile: ?0' \
-H 'authorization: Basic MTIzMTIzMTIzOjEyMzEyMzEyMzEyMw==' \
-H 'Accept: */*' \
-H 'Origin: https://example.fun' \
-H 'Sec-Fetch-Site: same-site' \
-H 'Sec-Fetch-Mode: cors' \
-H 'Sec-Fetch-Dest: empty' \
-H 'Referer: https://example.fun/' \
-H 'Accept-Language: en-US,en;q=0.9,sl;q=0.8' \
-H 'Cookie: G_ENABLED_IDPS=google'
HTTP/1.1 401 Unauthorized
X-Powered-By: Express
Access-Control-Allow-Origin: https://example.fun
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 35
ETag: W/"23-2KCO139FgVvJW0SbnMBTOug2br4"
Date: Mon, 12 Apr 2021 18:52:38 GMT
Connection: keep-alive
Keep-Alive: timeout=5
我无法弄清楚为什么在调用 nginx 后缺少此标头(如下所示)
curl 'https://api.example.fun/api/v1/auth/signin' \
-IL \
-X 'POST' \
-H 'Connection: keep-alive' \
-H 'Content-Length: 0' \
-H 'sec-ch-ua: "Google Chrome";v="89", "Chromium";v="89", ";Not A Brand";v="99"' \
-H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_2_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36' \
-H 'sec-ch-ua-mobile: ?0' \
-H 'authorization: Basic MTIzMTIzMTIzOjEyMzEyMzEyMzEyMw==' \
-H 'Accept: */*' \
-H 'Origin: https://example.fun' \
-H 'Sec-Fetch-Site: same-site' \
-H 'Sec-Fetch-Mode: cors' \
-H 'Sec-Fetch-Dest: empty' \
-H 'Referer: https://example.fun/' \
-H 'Accept-Language: en-US,en;q=0.9,sl;q=0.8' \
-H 'Cookie: G_ENABLED_IDPS=google'
HTTP/1.1 401 Unauthorized
Server: nginx/1.19.9
Date: Mon, 12 Apr 2021 18:33:29 GMT
Content-Type: application/json
Content-Length: 40
Connection: keep-alive
Nginx 配置:
upstream auth-node
server auth_auth-node:3005;
server
access_log /var/log/nginx/auth_node.log main; # Each API may also log to a separate file
listen 443 ssl;
server_name api.example.fun;
# TLS config
ssl_certificate /etc/certs/domain.crt;
ssl_certificate_key /etc/certs/domain.key;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 15m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_protocols TLSv1.2 TLSv1.3;
location /
proxy_pass http://auth-node; # proxy to the server
proxy_set_header Host $host;
error_page 404 = @400; # Invalid paths are treated as bad requests
proxy_intercept_errors on; # Do not send backend errors to the client
include /etc/nginx/api_json_errors.conf; # API client friendly JSON error responses
default_type application/json;
【问题讨论】:
尝试将proxy_pass_request_headers on;
添加到位置块。
@Molda 谢谢,试过了。它没有做任何改变。
【参考方案1】:
其实想通了。
在 nginx.conf 的 HTTP 部分我有 include /etc/nginx/api_json_errors.conf;
将其注释掉后,标题就在那里。
【讨论】:
以上是关于Nginx后缺少响应标头[关闭]的主要内容,如果未能解决你的问题,请参考以下文章
Nginx上游过早关闭连接,同时从上游读取响应标头,用于大型请求
错误:从上游 [uWSGI/Django/NGINX] 读取响应标头时,上游过早关闭连接