修改配置

2026-04-13 23:37:41 +07:00
parent bf473bad87
commit d868057b7e
1 changed files with 44 additions and 0 deletions
--- a/nginx/openim-pc-proxy.conf
+++ b/nginx/openim-pc-proxy.conf
@@ -5,6 +5,8 @@
 #   sudo ./deploy-test/00-init-tools.sh nginx
 #
 # 安全组 / 防火墙须放行 TCP 80；后端 10001/10002/10008 仅需本机访问（127.0.0.1）
+#
+# CORS：Vite 开发服在 :5173，API 经 :80 反代，浏览器视为跨域，需在此返回允许头并处理 OPTIONS 预检

 server {
    listen 80;
@@ -15,6 +17,14 @@ server {

    # OpenIM HTTP API → openim-server :10002
    location /api/im/ {
+        if ($request_method = OPTIONS) {
+            add_header Access-Control-Allow-Origin $http_origin always;
+            add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS, PATCH" always;
+            add_header Access-Control-Allow-Headers "Authorization,Content-Type,token,operationID,X-Requested-With,DNT,User-Agent,If-Modified-Since,Cache-Control,Range" always;
+            add_header Access-Control-Max-Age 86400 always;
+            add_header Content-Length 0;
+            return 204;
+        }
        proxy_pass http://127.0.0.1:10002/;
        proxy_http_version 1.1;
        proxy_set_header Host $host;
@@ -23,10 +33,21 @@ server {
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_read_timeout 300s;
        proxy_send_timeout 300s;
+        add_header Access-Control-Allow-Origin $http_origin always;
+        add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS, PATCH" always;
+        add_header Access-Control-Allow-Headers "Authorization,Content-Type,token,operationID,X-Requested-With,DNT,User-Agent,If-Modified-Since,Cache-Control,Range" always;
    }

    # 用户 / 登录相关 → chat-api :10008（与 im-cms-nginx 一致）
    location /api/user/ {
+        if ($request_method = OPTIONS) {
+            add_header Access-Control-Allow-Origin $http_origin always;
+            add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS, PATCH" always;
+            add_header Access-Control-Allow-Headers "Authorization,Content-Type,token,operationID,X-Requested-With,DNT,User-Agent,If-Modified-Since,Cache-Control,Range" always;
+            add_header Access-Control-Max-Age 86400 always;
+            add_header Content-Length 0;
+            return 204;
+        }
        proxy_pass http://127.0.0.1:10008/;
        proxy_http_version 1.1;
        proxy_set_header Host $host;
@@ -35,10 +56,21 @@ server {
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_read_timeout 300s;
        proxy_send_timeout 300s;
+        add_header Access-Control-Allow-Origin $http_origin always;
+        add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS, PATCH" always;
+        add_header Access-Control-Allow-Headers "Authorization,Content-Type,token,operationID,X-Requested-With,DNT,User-Agent,If-Modified-Since,Cache-Control,Range" always;
    }

    # Chat API → chat-api :10008
    location /api/chat/ {
+        if ($request_method = OPTIONS) {
+            add_header Access-Control-Allow-Origin $http_origin always;
+            add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS, PATCH" always;
+            add_header Access-Control-Allow-Headers "Authorization,Content-Type,token,operationID,X-Requested-With,DNT,User-Agent,If-Modified-Since,Cache-Control,Range" always;
+            add_header Access-Control-Max-Age 86400 always;
+            add_header Content-Length 0;
+            return 204;
+        }
        proxy_pass http://127.0.0.1:10008/;
        proxy_http_version 1.1;
        proxy_set_header Host $host;
@@ -47,10 +79,21 @@ server {
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_read_timeout 300s;
        proxy_send_timeout 300s;
+        add_header Access-Control-Allow-Origin $http_origin always;
+        add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS, PATCH" always;
+        add_header Access-Control-Allow-Headers "Authorization,Content-Type,token,operationID,X-Requested-With,DNT,User-Agent,If-Modified-Since,Cache-Control,Range" always;
    }

    # MsgGateway WebSocket → openim-server :10001
    location /msg_gateway {
+        if ($request_method = OPTIONS) {
+            add_header Access-Control-Allow-Origin $http_origin always;
+            add_header Access-Control-Allow-Methods "GET, POST, OPTIONS" always;
+            add_header Access-Control-Allow-Headers "Authorization,Content-Type,token,operationID,Upgrade,Connection,Sec-WebSocket-Key,Sec-WebSocket-Version,Sec-WebSocket-Protocol,Sec-WebSocket-Extensions" always;
+            add_header Access-Control-Max-Age 86400 always;
+            add_header Content-Length 0;
+            return 204;
+        }
        proxy_pass http://127.0.0.1:10001;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
@@ -63,6 +106,7 @@ server {
        proxy_buffering off;
        proxy_read_timeout 86400s;
        proxy_send_timeout 86400s;
+        add_header Access-Control-Allow-Origin $http_origin always;
    }

    # 可选：健康检查