Kämpfen mit einem seltsamen Problem. Ich habe nginx Setup und liefern Seiten mit PHP7 mit fpm ohne Problem. Wenn jedoch angular eine CORS-Anfrage ausführt, die zu einem 4xx- oder 5xx-Antwortcode führt, werden weder die CORS-Header gesendet, noch ein Body/Content.NGINX php7.0 sendet Körper nicht bei Fehlercodes von CORS-Anfragen
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /var/www/api/current/public;
index index.php index.html index.htm;
# Make site accessible from http://localhost/
server_name xxx.xxx.xxx.xxx api.mydomain.com;
location/{
# First attempt to serve request as file, then
try_files $uri $uri/ /api.php?$query_string;
}
client_max_body_size 100m;
proxy_intercept_errors off;
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ \.php$ {
#try_files $uri /api.php?query_string =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
fastcgi_intercept_errors off;
include fastcgi_params;
if ($request_method = POST) {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Expose-Headers' "X-AuthToken";
add_header 'Access-Control-Expose-Headers' "X-TemporaryPassword";
}
if ($request_method = GET) {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Expose-Headers' "X-AuthToken";
}
if ($request_method = QUERY) {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Expose-Headers' "X-AuthToken";
}
if ($request_method = DELETE) {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Expose-Headers' "X-AuthToken";
}
if ($request_method = PATCH) {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Expose-Headers' "X-AuthToken";
}
if ($request_method = OPTIONS) {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Max-Age' 1728000; # cache preflight value for 20 days
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE, QUERY, PATCH';
add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-AuthToken';
add_header 'Content-Length' 0;
add_header 'Content-Type' 'text/plain charset=UTF-8';
return 204;
}
}
}