nginx add_header无法正常工作

Pet*_*lev 50 nginx

我有一个有趣的问题,每当我add_header在使用PHP和php-fpm运行nginx的ubuntu服务器上使用我的虚拟主机配置时,它根本不起作用,我不知道我做错了什么.这是我的配置文件:

server {
    listen   80; ## listen for ipv4; this line is default and implied
    #listen   [::]:80 default ipv6only=on; ## listen for ipv6

    root /var/www/example.com/webroot/;
    index index.html index.htm index.php;

    # Make site accessible from http://www.example.com/
    server_name www.example.com;

    # max request size
    client_max_body_size 20m;

    # enable gzip compression
    gzip             on;
    gzip_static      on;
    gzip_min_length  1000;
    gzip_proxied     expired no-cache no-store private auth;
    gzip_types       text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;

    add_header 'Access-Control-Allow-Origin' '*';
    add_header 'Access-Control-Allow-Credentials' 'true';
    add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken';
    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
    add_header PS 1

    location / {
            # First attempt to serve request as file, then
            # as directory, then fall back to index.html
            try_files $uri $uri/ /index.php?$query_string;
            # Uncomment to enable naxsi on this location
            # include /etc/nginx/naxsi.rules
    }


    location ~* \.(css|js|asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|odb|odc|odf|odg|odp|ods|odt|ogg|ogv|$
            # 1 year -> 31536000
            expires 500s;
            access_log off;
            log_not_found off;
            add_header Pragma public;
            add_header Cache-Control "max-age=31536000, public";
    }
    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    location ~ \.php$ {
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini

            # With php5-cgi alone:
            #fastcgi_pass 127.0.0.1:9000;
            # With php5-fpm:
            fastcgi_pass unix:/var/run/example.sock;
            fastcgi_index index.php?$query_string;
            include fastcgi_params;

            # instead I want to get the value from Origin request header
    }

    # Deny access to hidden files
    location ~ /\. {
            deny all;
            access_log off;
            log_not_found off;
    }

    error_page 403 /403/;
}

server {
    listen 80;
    server_name example.com;
    rewrite     ^ http://www.example.com$request_uri? permanent;
}
Run Code Online (Sandbox Code Playgroud)

我已经尝试将标题添加到其他位置部分,但结果是相同的.

任何帮助赞赏!!

Adi*_*M P 90

对我来说有两个问题.

一个是nginx只处理它在树下的最后一个 add_header点.因此,如果您add_headerserver上下文中有一个,然后在location嵌套上下文中有另一个,它将只处理上下文中的add_header指令location.只有最深刻的背景.

从上NGINX文档add_header:

可能有几个add_header指令.当且仅当在当前级别上没有定义add_header指令时,这些指令才从先前级别继承.

第二个问题是location / {}我所使用的块实际上是将nginx发送到另一个location ~* (\.php)$块(因为它会重新通过所有请求index.php,这实际上使得nginx处理这个php块).所以,我add_header在第一个位置指令中的指令是无用的,并且在我将所需的所有指令放入php位置指令之后它开始工作.

最后,这是我的工作配置,允许在名为Laravel的MVC框架的上下文中使用CORS(您可以轻松地更改它以适应任何index.php作为所有请求的单个入口点的PHP框架).

server {
    root /path/to/app/public;
    index index.php;

    server_name test.dev;

    # redirection to index.php
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini

        # With php5-fpm:
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;

        # cors configuration
        # whitelist of allowed domains, via a regular expression
        # if ($http_origin ~* (http://localhost(:[0-9]+)?)) {
        if ($http_origin ~* .*) { # yeah, for local development. tailor your regex as needed
             set $cors "true";
        }

        # apparently, the following three if statements create a flag for "compound conditions"
        if ($request_method = OPTIONS) {
            set $cors "${cors}options";
        }

        if ($request_method = GET) {
            set $cors "${cors}get";
        }

        if ($request_method = POST) {
            set $cors "${cors}post";
        }

        # now process the flag
        if ($cors = 'trueget') {
            add_header 'Access-Control-Allow-Origin' "$http_origin";
            add_header 'Access-Control-Allow-Credentials' 'true';
        }

        if ($cors = 'truepost') {
            add_header 'Access-Control-Allow-Origin' "$http_origin";
            add_header 'Access-Control-Allow-Credentials' 'true';
        }

        if ($cors = 'trueoptions') {
            add_header 'Access-Control-Allow-Origin' "$http_origin";
            add_header 'Access-Control-Allow-Credentials' 'true';

            add_header 'Access-Control-Max-Age' 1728000; # cache preflight value for 20 days
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
            add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';

            add_header 'Content-Length' 0;
            add_header 'Content-Type' 'text/plain charset=UTF-8';
            return 204;
        }
    }

    error_log /var/log/nginx/test.dev.error.log;
    access_log /var/log/nginx/test.dev.access.log;
}

上述要点见:https://gist.github.com/adityamenon/6753574

  • 谢谢,这帮我解决了我的问题.我在nginx.conf中添加了一个标题,但它没有采取.阅读本文后,我将add_header移动到特定的sites_available配置文件,然后它就可以了. (3认同)
  • index.php路由处理也引起了我的注意.谢谢! (2认同)
  • 我也有类似的问题。只是添加一些重要的内容:如果if语句中也使用相同的规则-您必须在其中添加所有“ add_header”语句 (2认同)

bir*_*ire 25

当我用以下方法测试上述add_header设置时:

# nginx -t && service nginx reload
Run Code Online (Sandbox Code Playgroud)

我明白了

nginx: [emerg] directive "add_header" is not terminated by ";" in
/etc/nginx/enabled-sites/example.com.conf:21

nginx: configuration file /etc/nginx/nginx.conf test failed
Run Code Online (Sandbox Code Playgroud)

所以投诉是在考虑这条线:

add_header PS 1
Run Code Online (Sandbox Code Playgroud)

错过了分号(;)

测试我喜欢使用的标头

# curl -I http://example.com
Run Code Online (Sandbox Code Playgroud)

根据ngx_http_headers_module手册

syntax: add_header name value;
default:     —
context:    http, server, location, if in location
Run Code Online (Sandbox Code Playgroud)

我进一步尝试了

add_header X-test-A 1;
add_header "X-test-B" "2";
add_header 'X-test-C' '3';
Run Code Online (Sandbox Code Playgroud)

http,serverlocation,但它只出现在server上下文中.


Did*_*edt 14

除非您在标头值之后指定"always"关键字,否则由于响应代码不在允许范围内而导致无法获取响应标头的问题.

来自官方文档:

如果响应代码等于200,201,204,206,301,302,303,304,307或308,则将指定字段添加到响应头.该值可以包含变量.


Daz*_*win 5

首先,让我说,在网上浏览后,我发现这个答案随处可见:

location ~* \.(eot|ttf|woff|woff2)$ {
    add_header Access-Control-Allow-Origin *;
}
Run Code Online (Sandbox Code Playgroud)

但是,我决定用一个单独的答案回答这个问题,因为在花了大约十多个小时寻找解决方案之后,我才设法使这个特定的解决方案生效。

默认情况下,Nginx似乎没有定义任何[正确]字体MIME类型。通过遵循这个葬礼,我发现可以添加以下内容:

application/x-font-ttf           ttc ttf;
application/x-font-otf           otf;
application/font-woff            woff;
application/font-woff2           woff2;
application/vnd.ms-fontobject    eot;
Run Code Online (Sandbox Code Playgroud)

到我的etc/nginx/mime.types档案。如前所述,以上解决方案就可以了。显然,此答案旨在共享字体,但值得注意的是,MIME类型可能未在Nginx中定义。


Pet*_*lev -3

事实证明,尝试将 nginx 更新到最新版本是导致此问题的原因。我之前曾尝试重新安装,似乎重新安装正确,但实际上 Ubuntu 没有正确删除 nginx。所以我所要做的就是重新安装 Ubuntu 服务器并使用标准 ubuntu 存储库重新安装所有内容。

  • 当实际指的是重新安装 nginx 而不是回答根本原因时,这被标记为正确答案。您的问题缺乏详细信息,哪些标头不起作用以及您将它们添加到了哪个其他位置但没有修复您的预期结果。 (4认同)