Nginx Configure Cross-domain-http request Methods Options__nginx Cross-domain

Nginx Configure cross-Domain HTTP request method options

See the headline is a bit of a drag, why the Cross-domain and HTTP request method options are related, because when you get resources across the domain, browsing for security considerations will first use the options to make the request to see whether the normal return, because the use of options to return the 206 status code, Returns pages will not be jumped or refreshed, whether normal or not

Configuring Cross-Domain

Add the following code to the server,location, allowing subsequent requests and normal return status codes as soon as the options request

if ($request _method = ' OPTIONS ') {
Add_header Access-control-allow-origin $http _origin;
Add_header Access-control-allow-headers Authorization,content-type,accept,origin,user-agent,dnt,cache-control, X-mx-reqtoken,x-data-type,x-requested-with;
Add_header Access-control-allow-methods Get,post,options,head,put;
Add_header access-control-allow-credentials true;
Add_header access-control-allow-headers X-data-type,x-auth-token;
}

HTTP Options Explanation

1. Obtain the HTTP request method supported by the server; It is also the method that hackers often use. The support request method is related to the HTTP protocol version and the Web server configuration
2､ is used to check the performance of the server. For example, if Ajax is a cross-domain request, it needs to send an HTTP options header to a resource in another domain to determine whether the actual request is secure.
3､http return to normal status code 206