Nginx Configure cross-Domain HTTP request method options
See the headline is a bit of a drag, why the Cross-domain and HTTP request method options are related, because when you get resources across the domain, browsing for security considerations will first use the options to make the request to see whether the normal return, because the use of options to return the 206 status code, Returns pages will not be jumped or refreshed, whether normal or not
Configuring Cross-Domain
Add the following code to the server,location, allowing subsequent requests and normal return status codes as soon as the options request
if ($request _method = ' OPTIONS ') {
Add_header Access-control-allow-origin $http _origin;
Add_header Access-control-allow-headers Authorization,content-type,accept,origin,user-agent,dnt,cache-control, X-mx-reqtoken,x-data-type,x-requested-with;
Add_header Access-control-allow-methods Get,post,options,head,put;
Add_header access-control-allow-credentials true;
Add_header access-control-allow-headers X-data-type,x-auth-token;
}
HTTP Options Explanation
1. Obtain the HTTP request method supported by the server; It is also the method that hackers often use. The support request method is related to the HTTP protocol version and the Web server configuration
2、 is used to check the performance of the server. For example, if Ajax is a cross-domain request, it needs to send an HTTP options header to a resource in another domain to determine whether the actual request is secure.
3、http return to normal status code 206