# 全局CORS配置

    add_header Access-Control-Allow-Origin * always;

    add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;

    add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization" always;

    add_header Access-Control-Allow-Credentials true always;

    add_header Cross-Origin-Resource-Policy "cross-origin" always;

评论0