這從這里和那里出現,但沒有問題正確地涵蓋了這個用例。
的相關部分http:
map $http_origin $origin_with_default {
default '*';
~. $http_origin;
}
map $request_method $es_target {
default '';
POST 'search';
GET 'search';
HEAD 'search';
OPTIONS 'options';
}
root /app;
的相關部分server:
server {
location ~* /(.*)/_search {
limit_except OPTIONS {
auth_basic "Read Users";
auth_basic_user_file /etc/nginx/htpasswd_read;
}
rewrite ^ /internal/$es_target;
}
location /internal {
return 405;
}
location /internal/search/ {
internal;
proxy_pass http://elasticsearch/;
proxy_http_version 1.1;
proxy_set_header Connection "Keep-Alive";
proxy_set_header Proxy-Connection "Keep-Alive";
proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Credentials;
proxy_hide_header Access-Control-Allow-Headers;
proxy_hide_header Access-Control-Allow-Credentials;
include "cors.headers";
}
location /internal/options {
internal;
add_header 'Content-Type' 'text/plain; charset=utf-8';
add_header 'Content-Length' 0;
add_header 'Access-Control-Max-Age' 1728000;
include "cors.headers";
return 204;
}
}
最后,cors.headers檔案:
add_header Access-Control-Allow-Credentials "true" always;
add_header Access-Control-Allow-Origin $origin_with_default always;
add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always;
add_header Access-Control-Allow-Headers 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
POST https://example.com/index_name/_search給出 401。這是預期的。OPTIONS https://example.com/index_name/_search回傳選項標頭。這也符合預期。- 但是,
POST https://u:[email protected]/index_name/_search給出 404 并且服務器日志包含open() "/app/index_name/_search" failed (2: No such file or directory),. 在我添加rewrite ^ /internal/$es_target;andlocation /internal/search/部分之前,當它proxy_pass剛剛在limit_except里面時location ~* /(.*)/_search {,它確實起作用了。由于 1) 和 2) 我相信重寫和位置匹配有效。但是為什么它會嘗試提供檔案而不是代理傳遞呢?
uj5u.com熱心網友回復:
這是一個作業配置。它需要limit_except被洗掉,每個位置都切換到正則運算式匹配來消耗所有東西——最后一個位置很重要,否則它會進入重寫回圈。重寫模塊的“如果使用 URI 指定 proxy_pass 指令,則當請求傳遞到服務器時,與位置匹配的規范化請求 URI 的部分將替換為指令中指定的 URI”部分我能夠開始作業了。
location ~ /internal/search/(?<search>.*) {
internal;
auth_basic "Read Users";
auth_basic_user_file /etc/nginx/htpasswd_read;
proxy_pass http://elasticsearch/$search;
proxy_http_version 1.1;
proxy_set_header Connection "Keep-Alive";
proxy_set_header Proxy-Connection "Keep-Alive";
proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Credentials;
proxy_hide_header Access-Control-Allow-Headers;
proxy_hide_header Access-Control-Allow-Credentials;
include "cors.headers";
}
location ~ /internal/options {
internal;
add_header 'Content-Type' 'text/plain; charset=utf-8';
add_header 'Content-Length' 0;
add_header 'Access-Control-Max-Age' 1728000;
include "cors.headers";
return 204;
}
location ~ /internal/invalid {
return 405;
}
location ~* /_search$ {
rewrite (.*) /internal/$es_target$1;
}
轉載請註明出處,本文鏈接:https://www.uj5u.com/caozuo/472207.html
