Nginx跨域设置

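# Serves the static front-end under /page/ from disk (alias) and answers
# cross-origin requests for an allowlist of domains and their subdomains.
location ^~ /page/ {

    # Web fonts: readable from any origin.
    location ~* \.(ttf|otf|eot|woff|woff2)$ {
        # nginx inherits add_header from the enclosing level only when the
        # current level declares none, so the security headers set in the
        # parent location would be lost here unless they are repeated.
        add_header "Access-Control-Allow-Origin" "*";
        add_header X-Content-Type-Options nosniff;
        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
    }

    # Allow the listed domains and all of their subdomains.
    # $cors_origin stays empty for every other Origin; nginx does not emit
    # an add_header whose value is empty, so no Allow-Origin is sent then.
    set $cors_origin "";

    # NOTE(review): the matched Origin is echoed back together with
    # Access-Control-Allow-Credentials: true, so every origin this pattern
    # accepts can read authenticated responses. Two things to confirm:
    #  - "https?" also accepts plain-http origins, which are not protected
    #    against tampering in transit; restrict to https if no http caller
    #    is required.
    #  - broad parent domains (qq.com, force.com, ...) appear to cover
    #    subdomains operated by unrelated parties; list the exact hosts
    #    that need access instead of whole suffixes where possible.
    # "weixin\.qq\.com" is already covered by the "qq\.com" alternative.
    if ($http_origin ~* "^https?://([a-zA-Z0-9-]+\.)*(abc\.com|ac-d\.com|qq\.com|crm\.cn|dior\.cn|weixin\.qq\.com|force\.com|sfcrmapps\.cn|sfcrmproducts\.cn)$") {
        set $cors_origin $http_origin;
    }

    # The response depends on the request's Origin and is cacheable for 2h
    # (see "expires" below). Without Vary: Origin a browser or shared cache
    # can replay a response carrying another origin's Allow-Origin value.
    add_header 'Vary' 'Origin' always;
    add_header 'Access-Control-Allow-Origin' $cors_origin always;
    add_header 'Access-Control-Allow-Credentials' 'true' always;
    add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
    # NOTE(review): this echoes whatever header names the preflight asks
    # for; a fixed list of the headers the front-end really sends is tighter.
    add_header 'Access-Control-Allow-Headers'  $http_access_control_request_headers;

    # Preflight: answer directly with 204. An "if" block that declares
    # add_header does not inherit the ones above, hence the repetition.
    if ($request_method = 'OPTIONS') {
        add_header 'Vary' 'Origin' always;
        add_header 'Access-Control-Allow-Origin' $cors_origin always;
        add_header 'Access-Control-Allow-Credentials' 'true' always;
        add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
        add_header 'Access-Control-Allow-Headers'  $http_access_control_request_headers;
        # Browsers cap the preflight cache lifetime below this value.
        add_header 'Access-Control-Max-Age' 1728000;
        return 204;
    }

    # Disabled: the original line was
    #   add_header Set-Cookie 'Path=/;httponly; Secure; SameSite=Lax';
    # It does not add flags to the application's cookies. It sends one more
    # Set-Cookie header whose first pair is "Path=/", i.e. a stray cookie
    # named "Path". Set HttpOnly/Secure/SameSite where the cookie is issued;
    # for cookies coming from a proxied upstream, nginx 1.19.3+ provides
    # proxy_cookie_flags.
    #add_header Set-Cookie 'Path=/;httponly; Secure; SameSite=Lax';

    add_header X-Content-Type-Options nosniff;
    # Legacy header kept as in the original; current browsers no longer
    # act on it.
    add_header X-XSS-Protection '1; mode=block';
    add_header Referrer-Policy no-referrer-when-downgrade;
    add_header Permissions-Policy "interest-cohort=()";

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

    # Front-end pages: cache for 2 hours.
    # NOTE(review): proxy_cache applies to proxied responses only; no
    # proxy_pass is visible in this location (files are served via alias),
    # so the two proxy_cache* directives presumably have no effect here.
    # Confirm before relying on them.
    proxy_cache cache_one;
    expires 2h;
    proxy_cache_key $uri$is_args$args;
    #access_log  /data/logs/nginx/ocs/ocs.log main;
    alias /usr/local/nginx/html/ocs/;
}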