【发布时间】:2019-02-04 20:31:26
【问题描述】:
我正在使用 Nginx 运行 WebDAV。我有一个 JS 应用程序将其用作存储。问题是 WebDAV 扩展正在删除我在配置中使用“add_header”添加的标头。
server {
# IP, Certificates, fullpath, autoindex ...
dav_methods PUT DELETE MKCOL COPY MOVE;
dav_ext_methods PROPFIND OPTIONS;
dav_access user:rw group:rw all:rw;
location / {
root /srv/http/content;
# Preflighted requests
if ($request_method = OPTIONS) {
add_header "Access-Control-Allow-Origin" *;
add_header "Access-Control-Allow-Methods" "GET, HEAD, POST, PUT, OPTIONS, MOVE, DELETE, COPY, LOCK, UNLOCK, PROPFIND";
add_header "Access-Control-Allow-Headers" "Authorization, Origin, X-Requested-With, Content-Type, Accept, DNT, X-CustomHeader, Keep-Alive,User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Range, Range, Depth";
return 200;
}
if ($request_method = (GET|POST|HEAD|DELETE|PROPFIND)) {
add_header "Access-Control-Allow-Origin" *;
add_header "Access-Control-Allow-Methods" "GET, HEAD, POST, PUT, OPTIONS, MOVE, DELETE, COPY, LOCK, UNLOCK, PROPFIND";
add_header "Access-Control-Allow-Headers" "Authorization, Origin, X-Requested-With, Content-Type, Accept";
}
}
}
当我从我的应用程序打开 WebDAV 连接时,它会请求 OPTIONS,然后是 PROPFIND。请求 OPTIONS 通过正确的 CORS 标头传递,但 PROPFIND 失败,因为没有设置 CORS 标头。
请注意配置中OPTIONS 的特殊情况,我强制Nginx 返回Http200。然后出现标题。但是当让 WebDAV 完成时,所有 CORS 标头都会消失。
有人规避了这种行为吗?
【问题讨论】:
标签: nginx cors webdav propfind