我需要在 nginx-ingress 版本上允许来自多个来源的请求:http://localhost:4200
、http://localhost:4242
等1.7.1.但我无法对多个来源执行此操作,因为 nginx.ingress.kubernetes.io/cors-allow-credentials: true
不适用于 nginx.ingress.kubernetes.io/cors-allow-origin: "*"
。它会导致浏览器生成 CORS 错误。也许有人有避免此错误的解决方案?
这是我的配置
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/enable-cors: "true"
nginx.ingress.kubernetes.io/cors-allow-origin: "*"
nginx.ingress.kubernetes.io/cors-allow-methods: "PUT, GET, POST, OPTIONS, DELETE"
nginx.ingress.kubernetes.io/cors-allow-headers: "DNT,X-CustomHeader,X-LANG,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Api-Key,X-Device-Id,Access-Control-Allow-Origin"
Access to XMLHttpRequest at 'https://stage.site.com/api/session' from origin 'http://localhost:4200' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
最佳答案
添加注释以启用CORS
:
nginx.ingress.kubernetes.io/enable-cors: "true"
请注意,字符串“*”不能用于支持凭据的资源 ( https://www.w3.org/TR/cors/#resource-requests ),请尝试使用您的域列表(逗号分隔)而不是 *
关于kubernetes - CORS 规则 nginx-ingress 规则,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/51744536/