add_header Set-Cookie 'mycookie=xxxx;Path=/;SameSite=None; Secure';
Nginx配置完成版参考
upstream tomcat_server {
server 127.0.0.1:8001 weight=10 max_fails=2 fail_timeout=30s;
}
log_format newmain '$remote_addr - "$http_x_forwarded_for" - "$http_j_forwarded_for" - $remote_user [$time_local]'
'"$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent" '
'"$gzip_ratio"';
#限流模块
limit_req_zone $binary_remote_addr zone=ip_limit_index:20m rate=500000r/s;
server
{
listen 80;
server_name www.xxx.com ;
access_log /export/xxx/nginx/logs/www.xxx.com/www.xxx.com_access.log main;
error_log /export/xxx/nginx/logs/www.xxx.com/www.xxx.com_error.log warn;
error_page 411 = @error_page;
root /export/App/www.xxx.com/;
location / {
set $flag "flag";
#如果是指定域名的请求,设置跨域
if ($http_origin ~* "(xxx.com|xxx.cn)") {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Origin,X-Requested-With,Content-Type,Accept,Cache-Control,frLo';
add_header 'Access-Control-Max-Age' 1728000;
}
#如果是预检请求,设置跨域后直接返回
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Origin,X-Requested-With,Content-Type,Accept,Cache-Control,frLo';
add_header 'Access-Control-Max-Age' 1728000;
#预检请求直接返回
return 200;
}
proxy_next_upstream http_500 http_502 http_503 http_504 error timeout invalid_header;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#设置cookie,当然也可以对以后的cookie追加SameSite=None; Secure配置
add_header Set-Cookie 'mycookie=xxxx;Path=/;SameSite=None; Secure';
proxy_pass http://tomcat_server;
expires 0;
fastcgi_buffer_size 128k;
fastcgi_buffers 32 32k;
}
#静态资源的处理
location ~ .*\.(css|js|ico)$ {
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_comp_level 3;
gzip_types text/plain application/x-javascript text/css application/xml text/javascript image/jpeg image/gif image/png image/x-icon;
gzip_vary on;
gzip_disable "MSIE [1-6]\.";
}
location /logs/ {
autoindex off;
deny all;
}
}