Nginx. Заблокировано политикой CORS

Question

Текущий nginx config:

server {
    listen hidden:80;
    server_name dev.hidden.com;
    root /var/www/back/hidden-api;


    location / {
        add_header 'Access-Control-Allow-Origin' "$http_origin" always;
        add_header 'Access-Control-Allow-Credentials' 'true' always;
        add_header 'Access-Control-Allow-Headers' "Origin, X-Requested-With, Content-Type, Accept" always;

        proxy_pass http://localhost:8081;
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

}

Это просто не пробовал, но ошибка остается следующей:

Access to XMLHttpRequest at 'http://dev.hidden.com/usr/register/do' from origin 'http://front.hidden.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.

Answer 1

Можете ли вы попробовать добавить следующее в вашу конфигурацию в блоке местоположения:

if ($request_method = 'OPTIONS') {
        add_header 'Access-Control-Allow-Origin' "$http_origin" always;
        add_header 'Access-Control-Allow-Credentials' 'true' always;
        add_header 'Access-Control-Allow-Headers' "Origin, X-Requested-With, Content-Type, Accept" always;
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
        add_header 'Access-Control-Max-Age' 1728000;
        add_header 'Content-Type' 'text/plain; charset=utf-8';
        add_header 'Content-Length' 0;
        return 204;
     }

См. https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#Preflighted_requests для получения дополнительной информации о проверках CORS Preflight.