线上资源访问本地数据-跨域问题总结

1、首先跨域分两种

1)访问资源跨域：

接口可以发送服务器服务器返回跨域，这种解决服务端跨域问题即可

2)浏览器跨域：

浏览器安全限制，例如：has been blocked by CORS policy: The request client is not a secure context and the resource is in more-private address space `private`.

公网资源无法访问私网资源，浏览器配置可解决

chrome://flags/#block-insecure-private-network-requests

edge://flags/#block-insecure-private-network-requests

https不能访问http资源 

This request has been blocked; the content must be served over HTTPS.

网上有加<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">

有配置安全地址的 但都是要把原地址转成https请求

XSwitch浏览器插件转发请求

参考Apifox-Agent-Chrome 使用插件通信触发浏览器插件请求本地接口

nginx代理转发

listen 80;
server_name localhost;

location / {
root html;
index index.html index.htm;

add_header Access-Control-Allow-Private-Network true;
}
# 在这里添加代码
location /api{
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE';
add_header 'Access-Control-Allow-Headers' 'Content-Type';
if ($request_method = 'OPTIONS') {
return 200;
}
# 这里是服务器地址
proxy_pass http://localhost:8080;
}