Iframe 401 Unauthorized NGINX 3CX

问题描述 投票:0回答:1

我想在我的网站上使用3CX webclient的iframe。这个iframe在Firefox和Internet Explorer上运行良好,但在Chrome上不起作用(iframe出现,但我无法登录)。当我在Chrome上访问控制台时,错误是:

“无法加载资源:服务器响应状态为401(未授权)”。

当我进入网络选项卡时,xhr文件为红色,这是捕获文件头错误:

enter image description here

我拥有这个3CX服务器的每个文件。正如您所看到的,3CX使用Nginx,这是Nginx的配置文件:

#user  nobody;
worker_processes  auto;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  10240;
}


http {
    map $http_upgrade $connection_upgrade {
        default upgrade;
        '' $http_connection;
    }

    include       mime.types;
    default_type  application/octet-stream;
	#limit_req_zone $binary_remote_addr zone=perip:50m rate=1000r/s;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;
	

    server {
        add_header X-Frame-Options "SAMEORIGIN";
        listen 5000;
        listen [::]:5000;
        server_name gesika.3cx.fr;
        server_tokens off;

        access_log off;
        error_log nul crit;

        allow 192.168.0.0/16; 
        allow 172.16.0.0/12;
        allow 10.0.0.0/8;
        allow 127.0.0.1;
        allow ::0/0;
        deny all;

        client_max_body_size 300m;

        location /user_images {
            expires 1y;
            add_header Pragma public;
            add_header Cache-Control "public";
            root "C:/ProgramData/3CX/Data/Http/wwwroot";
        }

        location ~ /webclient/.*\.(js|css|woff|woff2|json|mp3)$ {
            expires 1y;
            add_header Pragma public;
            add_header Cache-Control "public";
            root "C:/ProgramData/3CX/Data/Http/wwwroot";
        }

        location ~ index\.html {
            add_header Cache-Control "no-cache, no-store, must-revalidate";
            add_header Pragma no-cache;
            expires 0;
            root "C:/ProgramData/3CX/Data/Http/wwwroot";
        }

        location / {
            index index.html;
            root C:/ProgramData/3CX/Data/Http/wwwroot;
            try_files $uri $uri/ @proxy; 
        }

        location /MyPhone {
            alias C:/ProgramData/3CX/Instance1/Data/Http/Interface/MyPhone;
            try_files $uri $uri/ @proxy; 
        }

        location @proxy {
            proxy_set_header    Upgrade $http_upgrade;
            proxy_set_header    Connection $connection_upgrade;
            proxy_set_header    Host $host;
            proxy_set_header    X-Real-IP   $remote_addr;
            proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_pass  http://127.0.0.1:5004;
            proxy_buffering off;
        }

        location /management/Reports {
            alias "C:/ProgramData/3CX/Instance1/Data/Http/Reports";
        }

    }


    server {
        add_header X-Frame-Options "SAMEORIGIN";
        listen       5001 ssl;
        listen [::]:5001 ssl;
        server_name  gesika.3cx.fr;
        server_tokens off;

        access_log off;
        error_log nul crit;

        ssl_dhparam Instance1/dhparam.pem;
        ssl_session_cache shared:SSL:60m;
        ssl_session_timeout 1d;
        ssl_stapling on;
        ssl_stapling_verify on;
        add_header Strict-Transport-Security max-age=15768000;

        ssl_certificate      Instance1/gesika.3cx.fr-crt.pem;
        ssl_certificate_key  Instance1/gesika.3cx.fr-key.pem;

        ssl_ciphers  'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:!DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!ECDHE-RSA-DES-CBC3-SHA:!ECDHE-ECDSA-DES-CBC3-SHA';

        ssl_prefer_server_ciphers  on;

        client_max_body_size 300m;

        location /user_images {
            expires 1y;
            add_header Pragma public;
            add_header Cache-Control "public";
            root "C:/ProgramData/3CX/Data/Http/wwwroot";
        }

        location ~ /webclient/.*\.(js|css|woff|woff2|json|mp3)$ {
            expires 1y;
            add_header Pragma public;
            add_header Cache-Control "public";
            root "C:/ProgramData/3CX/Data/Http/wwwroot";
        }

        location ~ index\.html {
            add_header Cache-Control "no-cache, no-store, must-revalidate";
            add_header Pragma no-cache;
            expires 0;
            root "C:/ProgramData/3CX/Data/Http/wwwroot";
        }

        location / {
            index index.html;
            root "C:/ProgramData/3CX/Data/Http/wwwroot";
            try_files $uri $uri/ @proxy;
        }

        location /MyPhone {
            alias "C:/ProgramData/3CX/Instance1/Data/Http/Interface/MyPhone";
            try_files $uri $uri/ @proxy;
        }

        location @proxy {
            proxy_set_header    Upgrade $http_upgrade;
            proxy_set_header    Connection $connection_upgrade;
            proxy_set_header    Host $host;
            proxy_set_header    X-Real-IP   $remote_addr;
            proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_pass  http://127.0.0.1:5004;
            proxy_buffering off;
        }

        location /management/Reports {
            alias "C:/ProgramData/3CX/Instance1/Data/Http/Reports";
        }

    }

}

如你所见,有add_header X-Frame-Options "SAMEORIGIN";。我删除了这一行。我也尝试用这个add_header X-Frame-Options "ALLOW-FROM *";替换它,但它仍然无效。我没有忘记重新加载我的服务器。

我试着在配置文件中添加它:

location ~* \.(eot|ttf|woff|woff2)$ {
    add_header Access-Control-Allow-Origin *;
}

当我在3CX服务器的同一域中创建页面时,我的iframe可在Chrome上运行。所以问题在于跨域起源(CORS)。

提前感谢任何能够帮助我解决此问题的人。

nginx iframe cors cross-domain http-status-code-401
1个回答
0
投票

更改3cx nginx conf文件夹中的共享头文件设置你有几个参数像x-frame和一些祖先设置要么放置你的网站域或删除它们,以便它允许所有人访问。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.