您的位置: 首页  >  技术问答  >  nginx:仅在HTTP请求为选项时才需要基本身份验证选项

nginx:仅在HTTP请求为选项时才需要基本身份验证选项

分类: 技术问答 2022-09-03 20:02:00
问题描述:

授权标头未使用HTTP OPTIONS请求发送。我希望只有在请求是OPTIONS时才禁用此认证,并将其保留为其他请求。这里是我现在有的配置代码片段。似乎无法看出它为什么不起作用。我总是在OPTIONS请求中获得401 Unauthorized Error。nginx:仅在HTTP请求为选项时才需要基本身份验证选项

location ~ /foo/bar 
    { 

     if ($request_method = OPTIONS) { 
     set $auth_basic "off"; 
     } 
     if ($request_method != OPTIONS) 
     { 
     set $auth_basic "Resctricted"; 
     set $auth_basic_user_file /var/www/.htpasswd; 
     } 
     auth_basic $auth_basic; 
     auth_basic_user_file $auth_basic_user_file; 
    }

处理这个最简单的方法是让nginx的处理OPTIONS要求:

server { 
    listen 80; 
    server_name example.com; 
    root /var/www; 

    auth_basic "Resctricted"; 
    auth_basic_user_file /var/www/.htpasswd; 

    location/{ 
     if ($request_method = OPTIONS) { 
      add_header Access-Control-Allow-Origin "http://example.com"; 
      add_header Access-Control-Allow-Methods "GET, OPTIONS"; 
      add_header Access-Control-Allow-Headers "Authorization"; 
      add_header Access-Control-Allow-Credentials "true"; 
      add_header Content-Length 0; 
      add_header Content-Type text/plain; 
      return 200; 
     } 
    } 
}

这将使OPTIONS获得,而不需要认证的响应:

[email protected] www $ curl -i -X OPTIONS http://example.com 
HTTP/1.1 200 OK 
Server: nginx 
Date: Sat, 17 Jun 2017 00:09:52 GMT 
Content-Type: application/octet-stream 
Content-Length: 0 
Connection: keep-alive 
Access-Control-Allow-Origin: http://example.com 
Access-Control-Allow-Methods: GET, OPTIONS 
Access-Control-Allow-Headers: Authorization 
Access-Control-Allow-Credentials: true 
Content-Length: 0 
Content-Type: text/plain 

[email protected] www $ curl -i http://example.com 
HTTP/1.1 401 Unauthorized 
Server: nginx 
Date: Sat, 17 Jun 2017 00:09:59 GMT 
Content-Type: text/html 
Content-Length: 188 
Connection: keep-alive 
WWW-Authenticate: Basic realm="Resctricted" 

<html> 
<head><title>401 Authorization Required</title></head> 
<body bgcolor="white"> 
<center><h1>401 Authorization Required</h1></center> 
<hr><center>nginx</center> 
</body> 
</html>
+0

感谢您的回答。我在你的帮助下提出了这个问题。这不对吗?验证码必须在那里,因为这是唯一需要它的位置。我仍然得到401未经授权。 '位置〜/富/酒吧/ { 如果($ REQUEST_METHOD = OPTIONS){ ... 返回200; } auth_basic“Restricted”; auth_basic_user_file /var/www/.htpasswd; }' –

它看起来像是一个旧帖子,但找到了这个解决方案:

在“位置”中放入以下配置,并从服务器中删除任何auth_basic。这将工作

location/{ 
    # Your node proxy configuration for example # 

    # Make options requests work # 
    limit_except OPTIONS { 
     auth_basic "Restricted access zone"; 
     auth_basic_user_file /etc/nginx/pass/protected; 
    } 
    }

相关推荐