nginx add_header 不工作

Question

我遇到了一个有趣的问题，每当我在使用 PHP 和 php-fpm 运行 nginx 的 ubuntu 服务器上的虚拟主机配置中使用 add_header 时，它就不起作用，我不知道是什么我做错了。这是我的配置文件:

server {
    listen   80; ## listen for ipv4; this line is default and implied
    #listen   [::]:80 default ipv6only=on; ## listen for ipv6

    root /var/www/example.com/webroot/;
    index index.html index.htm index.php;

    # Make site accessible from http://www.example.com/
    server_name www.example.com;

    # max request size
    client_max_body_size 20m;

    # enable gzip compression
    gzip             on;
    gzip_static      on;
    gzip_min_length  1000;
    gzip_proxied     expired no-cache no-store private auth;
    gzip_types       text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;

    add_header 'Access-Control-Allow-Origin' '*';
    add_header 'Access-Control-Allow-Credentials' 'true';
    add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken';
    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
    add_header PS 1

    location / {
            # First attempt to serve request as file, then
            # as directory, then fall back to index.html
            try_files $uri $uri/ /index.php?$query_string;
            # Uncomment to enable naxsi on this location
            # include /etc/nginx/naxsi.rules
    }


    location ~* \.(css|js|asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|odb|odc|odf|odg|odp|ods|odt|ogg|ogv|$
            # 1 year -> 31536000
            expires 500s;
            access_log off;
            log_not_found off;
            add_header Pragma public;
            add_header Cache-Control "max-age=31536000, public";
    }
    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    location ~ \.php$ {
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini

            # With php5-cgi alone:
            #fastcgi_pass 127.0.0.1:9000;
            # With php5-fpm:
            fastcgi_pass unix:/var/run/example.sock;
            fastcgi_index index.php?$query_string;
            include fastcgi_params;

            # instead I want to get the value from Origin request header
    }

    # Deny access to hidden files
    location ~ /\. {
            deny all;
            access_log off;
            log_not_found off;
    }

    error_page 403 /403/;
}

server {
    listen 80;
    server_name example.com;
    rewrite     ^ http://www.example.com$request_uri? permanent;
}

我尝试将 header 添加到其他位置部分，但结果是相同的。

感谢任何帮助!!

Answer 1

我有两个问题。

其中之一是 nginx 仅处理最后 add_header它落在一棵树上。因此，如果您有 add_header在 server上下文，然后是 location 中的另一个嵌套上下文，它只会处理 add_header location 内的指令语境。只有最深层的上下文。

摘自 add_header 上的 NGINX 文档:

There could be several add_header directives. These directives are inherited from the previous level if and only if there are no add_header directives defined on the current level.

第二个问题是 location / {}我的 block 实际上是将 nginx 发送到另一个 location ~* (\.php)$ block (因为它会通过 index.php 重新路径所有请求，这实际上使 nginx 处理这个 php block )。所以，我的add_header第一个 location 指令中的指令毫无用处，当我将所有需要的指令放入 php location 指令中后，它开始工作。

最后，这是我的工作配置，允许在名为 Laravel 的 MVC 框架的上下文中使用 CORS(您可以轻松更改此设置以适应任何将 index.php 作为所有请求的单个入口点的 PHP 框架)。

server {    root /path/to/app/public;    index index.php;    server_name test.dev;    # redirection to index.php    location / {        try_files $uri $uri/ /index.php?$query_string;    }    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000    location ~ \.php$ {        fastcgi_split_path_info ^(.+\.php)(/.+)$;        # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini        # With php5-fpm:        fastcgi_pass unix:/var/run/php5-fpm.sock;        fastcgi_index index.php;        include fastcgi_params;        # cors configuration        # whitelist of allowed domains, via a regular expression        # if ($http_origin ~* (http://localhost(:[0-9]+)?)) {        if ($http_origin ~* .*) { # yeah, for local development. tailor your regex as needed             set $cors "true";        }        # apparently, the following three if statements create a flag for "compound conditions"        if ($request_method = OPTIONS) {            set $cors "${cors}options";        }        if ($request_method = GET) {            set $cors "${cors}get";        }        if ($request_method = POST) {            set $cors "${cors}post";        }        # now process the flag        if ($cors = 'trueget') {            add_header 'Access-Control-Allow-Origin' "$http_origin";            add_header 'Access-Control-Allow-Credentials' 'true';        }        if ($cors = 'truepost') {            add_header 'Access-Control-Allow-Origin' "$http_origin";            add_header 'Access-Control-Allow-Credentials' 'true';        }        if ($cors = 'trueoptions') {            add_header 'Access-Control-Allow-Origin' "$http_origin";            add_header 'Access-Control-Allow-Credentials' 'true';            add_header 'Access-Control-Max-Age' 1728000; # cache preflight value for 20 days            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';            add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';            add_header 'Content-Length' 0;            add_header 'Content-Type' 'text/plain charset=UTF-8';            return 204;        }    }    error_log /var/log/nginx/test.dev.error.log;    access_log /var/log/nginx/test.dev.access.log;}

上述要点位于:https://gist.github.com/adityamenon/6753574