今天設置靜態資源服務器時發現
Font from origin 'http://start.fbzl.org' has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://lib.fbzl.org' is therefore not allowed access.
這裏我給靜態資源單獨設置了一個域名,其它頁面調用時發生了跨越權限問題。
Nginx 解決辦法:
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Headers X-Requested-With;
add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
將這段代碼添加到 http{} 或者靜態資源對應的 server{} 中
如果只為自己的網站使用可以將第一行代碼的星號改為自己的域名,例如 *.fbzl.org
參考資料
http://www.w3.org/TR/cors/#access-control-allow-methods-response-header