可能是 Cloudflare 背锅,后端的 CORS header 一直消失不见,增加任意自定义 header 也是消失不见,见鬼了
无奈关闭 Cloudflare CDN,清除 CDN缓存,刷新 DNS 缓存并解析到源站已生效,还是所有后端响应 header 莫名全部丢失!!
客户端浏览器测试,请求 header 始终带了一些 Cloudflare 特有字段,玄学了,能清的都清了,也换浏览器了,数个钟之后才恢复正常
后端(MyUrls) nginx 配置:
location / {
proxy_pass http://127.0.0.1:8002;
#跨域
add_header 'Access-Control-Allow-Origin' $http_origin always;
add_header 'Access-Control-Allow-Headers' $http_access_control_request_headers always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Max-Age' 86400 always;
add_header 'Access-Control-Allow-Methods' 'PUT,GET,POST,DELETE,HEAD' always;
if ($request_method = 'OPTIONS') {
return 204;
}
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
}
# 针对 POST 请求特别配置,修复后端返回 POST 444 / 404 状态码
location ~ ^/short {
proxy_pass http://127.0.0.1:8002;
#跨域
add_header 'Access-Control-Allow-Origin' $http_origin always;
add_header 'Access-Control-Allow-Headers' $http_access_control_request_headers always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Max-Age' 86400 always;
add_header 'Access-Control-Allow-Methods' 'PUT,GET,POST,DELETE,HEAD' always;
if ($request_method = 'OPTIONS') {
return 204;
}
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
}
前端(sub-web) Nginx 配置:
server
{
# 跨域
add_header 'Access-Control-Allow-Origin' $http_origin always;
add_header 'Access-Control-Allow-Headers' $http_access_control_request_headers always;
add_header 'Access-Control-Max-Age' 86400 always;
add_header 'Access-Control-Allow-Methods' 'PUT,GET,POST,DELETE,HEAD' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
proxy_ignore_headers X-Accel-Expires Expires Cache-Control Set-Cookie;
add_header Cache-Control no-store always;
}