1.在coding page 部署了一个项目比如地址这样http://app.coding.me/film
,接口在第三方服务器地址http://xxx.com/v4/api/..
2.现在在阿里的服务器上用nginx
反向代理接口转发,解决了跨域,但发现在在http://app.coding.me/film
域名发送请求本地cookie无法发送给第三方服务器。而且request headers
无法携带cookie 上去 withCredentials:true
这是我的代理配置请问有毛病吗
listen 80;
server_name api.server.top;//#接口请求域名
location /api {
add_header 'Access-Control-Allow-Origin' http://app.coding.me;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
proxy_cookie_domain xxx.com app.coding.me;#重新改写第三方返回cookie domain
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Nginx-Proxy true;
proxy_set_header Connection "";
proxy_set_header Referer xxx.com;
proxy_set_header Host $proxy_host;
proxy_pass http://xxx.com/v4/api/;#目标接口地址
}
#response
HTTP/1.1 200 OK
Server: nginx/1.10.1
Date: Thu, 25 May 2017 07:53:23 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 1761
Connection: keep-alive
X-Powered-By: MaizuoMobileWeb/4.27.10
Set-Cookie: cityId=10; Max-Age=2592000; Domain=.xxx.com; Path=/; Expires=Sat, 24 Jun 2017 07:55:19 GMT
Set-Cookie: cityName=%E6%B7%B1%E5%9C%B3; Max-Age=2592000; Domain=.xxx.com; Path=/; Expires=Sat, 24 Jun 2017 07:55:19 GMT
ETag: W/"JNVa2eLxZZXafos18vYaFA=="
Access-Control-Allow-Origin: http://app.coding.me
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
#request
Host: api.server.top
Connection: keep-alive
Accept: application/json, text/plain, */*
Origin: http://app.coding.me
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Mobile Safari/537.36
Referer: http://app.coding.me/film/
Accept-Encoding: gzip, deflate, sdch
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6,und;q=0.4,zh-TW;q=0.2,ja;q=0.2
Cookie: cityId=10; cityName=%E6%B7%B1%E5%9C%B3;
cookie cityId=13 cityName="%E5%B9%BF%E5%B7%9E" 都变了,request 和 response cookie 始终不变。
图中 cookie Domain N/A啥意思?
proxy_cookie_domain xxx.com app.coding.me;#重新改写第三方返回cookie domain 这个应该有问题
就是有问题,
不行你可以把cookie 给前端 前端再通过js 设置cookie