Nginx 不转发响应头

问题描述 投票:0回答:1

我有一个 .Net 6 应用程序,对于以下请求返回如下响应。请注意,有 

Access-Control-Allow-Origin
礼物:

$ curl -i http://localhost:5081/Artworks/IMG_9346m.jpg -H "origin:https://m.beatajakimiak.art.pl" -H "referer:https://m.beatajakimiak.art.pl/" -o /dev/null -v
*   Trying 127.0.0.1:5081...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* Connected to localhost (127.0.0.1) port 5081 (#0)
> GET /Artworks/IMG_9346m.jpg HTTP/1.1
> Host: localhost:5081
> User-Agent: curl/7.81.0
> Accept: */*
> origin:https://m.beatajakimiak.art.pl
> referer:https://m.beatajakimiak.art.pl/
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-Length: 465767
< Content-Type: image/jpeg
< Date: Thu, 24 Aug 2023 20:23:16 GMT
< Server: Kestrel
< Accept-Ranges: bytes
< Access-Control-Allow-Origin: https://m.beatajakimiak.art.pl
< ETag: "1d837e79f7d7b67"
< Last-Modified: Mon, 14 Mar 2022 21:08:16 GMT
< Vary: Origin
<
{ [16384 bytes data]
100  454k  100  454k    0     0  39.8M      0 --:--:-- --:--:-- --:--:-- 40.3M
* Connection #0 to host localhost left intact

我什至在托管nginx和这个网站的机器上打开了5081端口一段时间,直接调用。 

Access-Control-Allow-Origin
就在那里。 CORS 请求运行良好。我可以在 chrome 开发工具的响应标头中看到标头。

我为其配置了 Nginx 代理,如下所示:

server {
    server_name beatajakimiak.art.pl www.beatajakimiak.art.pl;

    include /etc/nginx/snippets/global.conf;
    include /etc/nginx/snippets/global_images_cache.conf;

    #access_log /var/log/nginx/beatajakimiak_art_pl/access.log;
    error_log  /var/log/nginx/beatajakimiak_art_pl/error.log;

    root /srv/www/beatajakimiakwebsite/wwwroot;

    location / {
        proxy_pass         http://localhost:5081;
        proxy_http_version 1.1;
        proxy_set_header   Upgrade $http_upgrade;
        proxy_set_header   Connection keep-alive;
        proxy_set_header   Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Proto $scheme;
    }

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

    listen [::]:443 ssl http2; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ... SSL CONFIGURATION ...
}

global.conf 看起来像这样:

location = /favicon.ico {
    log_not_found off;
    access_log off;
}

location = /robots.txt {
    allow all;
    log_not_found off;
    access_log off;
}

location ~ /\. {
    deny all;
}

location ~* /(?:uploads|files)/.*\.php$ {
    deny all;
}

location ~ /\.ht {
    deny all;
}

add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";

global_images_cache.conf 看起来像这样:

location ~* \.(?:jpg|jpeg|gif|png|ico|woff2)$ {
    expires 1M;
    add_header Cache-Control "public";
}

现在,使用此配置,如果我使用相同的卷曲调用我的网站,我不会在响应中收到 Access-Control-Allow-Origin 标头。我尝试使用其他自定义标头,但它们也没有转发到响应:

$ curl -i https://beatajakimiak.art.pl/Artworks/IMG_9346m.jpg -H "origin:https://m.beatajakimiak.art.pl" -H "referer:https://m.beatajakimiak.art.pl/" -o /dev/null -v
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 83.11.166.97:443...
[... TLS ...]
> GET /Artworks/IMG_9346m.jpg HTTP/2
> Host: beatajakimiak.art.pl
> user-agent: curl/7.81.0
> accept: */*
> origin:https://m.beatajakimiak.art.pl
> referer:https://m.beatajakimiak.art.pl/
>
[... TLS ...]
< HTTP/2 200
< server: nginx/1.18.0 (Ubuntu)
< date: Thu, 24 Aug 2023 20:24:08 GMT
< content-type: image/jpeg
< content-length: 465767
< last-modified: Mon, 14 Mar 2022 21:08:16 GMT
< etag: "622faec0-71b67"
< expires: Sat, 23 Sep 2023 20:24:08 GMT
< cache-control: max-age=2592000
< cache-control: public
< accept-ranges: bytes
<
[... TLS ...]
100  454k  100  454k    0     0  7416k      0 --:--:-- --:--:-- --:--:-- 7456k
* Connection #0 to host beatajakimiak.art.pl left intact

我的配置有什么问题,它隐藏了响应标头?

nginx nginx-reverse-proxy nginx-config nginx-location
1个回答
0
投票

我终于找到了。我添加到每个网站的默认 nginx 

global_images_cache.conf
片段是处理静态 jpg 文件而不是代理网站的请求。

从网站的 nginx 配置中排除 

global_images_cache.conf
解决了我的问题。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.