admin管理员组

文章数量:1794759

Ingress 兼容https & http 跨域配置access

Ingress 兼容https & http 跨域配置access

www.105188/sh/770411.html style="color:#2aa0ea" target=_blank class=infotextkey>Ingress 兼容前端https & http 跨域配置access-control-allow-origin

场景说明:

前端域名a访问后端b域名,其中b使用Ingress配置,需要支持a和a两种前端域名跨域方式访问b。

一、使用Ingress原生跨域Annotations配置只可满足其中一种情况

注意,官方最新的文档cors-allow-origin支持配置多个域名,但在我们使用的比较旧的版本0.32中配置两个直接被设置为*,导致失败

annotations: nginx.ingress.kubernetes.io/enable-cors: 'true' nginx.ingress.kubernetes.io/cors-allow-origin: 'a' # 或者 nginx.ingress.kubernetes.io/cors-allow-origin: 'a' nginx.ingress.kubernetes.io/cors-allow-methods: '*' nginx.ingress.kubernetes.io/cors-allow-headers: '*' nginx.ingress.kubernetes.io/cors-allow-credentials: 'true' 二、以上配置生成的nginx.conf片段 # Cors Preflight methods needs additional options and different Return Code if ($request_method = 'OPTIONS') { more_set_headers 'Access-Control-Allow-Origin: *'; more_set_headers 'Access-Control-Allow-Credentials: true'; more_set_headers 'Access-Control-Allow-Methods: *'; more_set_headers 'Access-Control-Allow-Headers: *'; more_set_headers 'Access-Control-Max-Age: 1728000'; more_set_headers 'Content-Type: text/plain charset=UTF-8'; more_set_headers 'Content-Length: 0'; return 204; } more_set_headers 'Access-Control-Allow-Origin: *'; more_set_headers 'Access-Control-Allow-Credentials: true'; more_set_headers 'Access-Control-Allow-Methods: *'; more_set_headers 'Access-Control-Allow-Headers: *'; 三、根据自动生成的nginx.conf改为使用configuration-snippet配置 annotations: nginx.ingress.kubernetes.io/configuration-snippet: | if ($request_method = 'OPTIONS') { more_set_headers "Access-Control-Allow-Origin: $http_origin"; more_set_headers 'Access-Control-Allow-Credentials: true'; more_set_headers 'Access-Control-Allow-Methods: *'; more_set_headers 'Access-Control-Allow-Headers: *'; more_set_headers 'Access-Control-Max-Age: 1728000'; more_set_headers 'Content-Type: text/plain charset=UTF-8'; more_set_headers 'Content-Length: 0'; return 204; } more_set_headers "Access-Control-Allow-Origin: $http_origin"; more_set_headers 'Access-Control-Allow-Credentials: true'; more_set_headers 'Access-Control-Allow-Methods: *'; more_set_headers 'Access-Control-Allow-Headers: *'; nginx.ingress.kubernetes.io/ssl-redirect: 'false'

本文标签: httpsIngressampAccessHTTP

版权声明:本文标题:Ingress 兼容https & http 跨域配置access 内容由林淑君副主任自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.xiehuijuan.com/baike/1686964370a123033.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。