前端 nginx
# 添加头部信息
proxy_send_timeout 30; # 后端服务器连接超时时间
proxy_read_timeout 30; # 后端服务器数据回传时间
proxy_connect_timeout 30; # 后端服务器连接的超时时间
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
#proxy_set_header Host $http_host; # required for docker client's sake
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Cookie $http_cookie;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-real-ip $remote_addr;
proxy_hide_header X-Powered-By; # 隐藏信息
# 隐藏信息
server_tokens off; # 隐藏php版本号
# gzip压缩
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 3;
gzip_types text/plain application/x-javascript text/css application/xml application/json ;
gzip_vary on;
# 文件上传
client_max_body_size 300M; # 文件上传最大值
limit_rate 1M; # 限速设置
keepalive_timeout 1800; # 保持连接的时间
sendfile on; # 设置为on表示启动高效传输文件的模式
# 反向代理到后端api地址
location ^~ /api/ {
proxy_pass http://www.api.com/;
}
后端 nginx
# 验证来源
if ($host != "117.122.225.39") {
return 202;
}
# 头部请求设置
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Credentials: true;
add_header Access-Control-Allow-Headers X-Requested-With;
add_header Access-Control-Allow-Methods GET,POST,PUT,DELETE,OPTIONS,PATCH;
add_header Access-Control-Allow-Headers Origin,X-Requested-Width,Content-Type,Accept;
add_header Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Access-Control-Expose-Headers,Token,Authorization;
if ($request_method = 'OPTIONS') {
return 204;
}