nginx - Nginx WebDAV 模块忽略 CORS 标头

问题描述

我正在使用 Nginx 运行 WebDAV。我有一个 JS 应用程序将其用作存储。问题是 WebDAV 扩展正在删除我在配置中使用“add_header”添加的标头。

server {
  # IP, Certificates, fullpath, autoindex ...
  dav_methods      PUT DELETE MKCOL COPY MOVE;
  dav_ext_methods  PROPFIND OPTIONS;
  dav_access       user:rw group:rw all:rw;

  location / {
    root /srv/http/content;

    # Preflighted requests
    if ($request_method = OPTIONS) {
      add_header "Access-Control-Allow-Origin" *;
      add_header "Access-Control-Allow-Methods" "GET, HEAD, POST, PUT, OPTIONS, MOVE, DELETE, COPY, LOCK, UNLOCK, PROPFIND";
      add_header "Access-Control-Allow-Headers" "Authorization, Origin, X-Requested-With, Content-Type, Accept, DNT, X-CustomHeader, Keep-Alive,User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Range, Range, Depth";
      return 200;
    }

    if ($request_method = (GET|POST|HEAD|DELETE|PROPFIND)) {
      add_header "Access-Control-Allow-Origin" *;
      add_header "Access-Control-Allow-Methods" "GET, HEAD, POST, PUT, OPTIONS, MOVE, DELETE, COPY, LOCK, UNLOCK, PROPFIND";
      add_header "Access-Control-Allow-Headers" "Authorization, Origin, X-Requested-With, Content-Type, Accept";
    }
  }
}

当我从我的应用程序打开 WebDAV 连接时，它会请求OPTIONS后跟PROPFIND. 请求OPTIONS通过具有正确的 CORS 标头而通过，但PROPFIND由于未设置 CORS 标头而失败。OPTIONS请注意我强制 Nginx 返回的配置中的特殊情况Http200。然后出现标题。但是当让 WebDAV 完成时，所有 CORS 标头都会消失。

有没有人规避这种行为？

标签： nginxcorswebdavpropfind