Nginx解决跨域问题（含websocket）

1、普通Web应用跨域解决（统一添加允许的Header，直接响应options请求）

# 在nginx配置代理的文件（/etc/nginx/sites-available/api.**.com）中添加如下内容
server {
    listen   80;
    server_name api.**.com;
    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-forwarded-For $proxy_add_x_forwarded_for;

        add_header 'Access-Control-Allow-Origin' $http_origin;
        add_header 'Access-Control-Allow-Methods' '*';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Headers' 'X-API-KEY,Origin,X-Requested-With,Content-Type,Accept,Authorization,username,signature';
        add_header 'Content-Type' 'application/json;charset=UTF-8';

        if ($request_method = 'OPTIONS') {
            return 204;
        }
    }
}

2、带websocket的Web应用跨域解决（在满足1的情况下，剔除websocket建立连接的Get请求，因为建立websocket的Get请求在启动配置已经解决了跨域问题：setAllowedOrigins("*")）
注意：尝试剔除setAllowedOrigins("*")，但不生效

import org.springframework.context.annotation.Configuration;
import org.springframework.messaging.simp.config.ChannelRegistration;
import org.springframework.messaging.simp.config.MessageBrokerRegistry;
import org.springframework.scheduling.concurrent.ThreadPoolTaskScheduler;
import org.springframework.web.socket.config.annotation.EnableWebSocketMessageBroker;
import org.springframework.web.socket.config.annotation.StompEndpointRegistry;
import org.springframework.web.socket.config.annotation.WebSocketMessageBrokerConfigurer;

@Configuration
@EnableWebSocketMessageBroker
public class WebSocketConfig implements WebSocketMessageBrokerConfigurer {

    @Override
    public void configureMessageBroker(MessageBrokerRegistry config) {
        ...
    }

    @Override
    public void registerStompEndpoints(StompEndpointRegistry registry) {
        registry.addEndpoint("/websocket").setAllowedOrigins("*").withSockJS()
            .setClientLibraryUrl("/webjars/sockjs-client/1.0.2/sockjs.min.js");
    }

    @Override
    public void configureClientInboundChannel(ChannelRegistration registration) {
        ...
    }

}

# 在nginx配置代理的文件（/etc/nginx/sites-available/api.**.com）中添加如下内容
server {
    listen   80;
    server_name api.**.com;
    # 在nginx配置代理的文件（/etc/nginx/sites-available/api.**.com）中添加
    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection  "upgrade";

        if ($request_method = 'OPTIONS') {
            add_header 'Access-Control-Allow-Origin' $http_origin;
            add_header 'Access-Control-Allow-Methods' '*';
            add_header 'Access-Control-Allow-Credentials' 'true';
            add_header 'Access-Control-Allow-Headers' 'X-API-KEY,Origin,X-Requested-With,Content-Type,Accept,Authorization,username,signature';
            add_header 'Content-Type' 'application/json;charset=UTF-8';
            return 204;
        }

        set $fill_header 0;
        if ($request_method = 'GET') {
            set $fill_header 1;
        }
        # 此处的websocket就是上送代码中的registry.addEndpoint("/websocket")，用于定义Http连接地址
        if ($request_uri ~* '^/websocket/\S+') {
            set $fill_header ${fill_header}1;
        }

        if ($fill_header != 11) {
            add_header 'Access-Control-Allow-Origin' $http_origin;
            add_header 'Access-Control-Allow-Methods' '*';
            add_header 'Access-Control-Allow-Credentials' 'true';
            add_header 'Access-Control-Allow-Headers' 'X-API-KEY,Origin,X-Requested-With,Content-Type,Accept,Authorization,username,signature';
            add_header 'Content-Type' 'application/json;charset=UTF-8';
        }
    }
}