我有以下 haproxy 配置,它access-control-allow-origin使用以下配置在成功的 200 个请求上添加标头。我的问题是,当我遇到超时或 haproxy 本身(不是我的上游服务器)因其他原因引发错误时,不会添加此标头。如何在例如 504 响应中添加此标头?
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA>
ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5s
timeout client 30s
timeout server 30s
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
frontend www-https
bind *:80
bind *:443 ssl crt /etc/ssl/cert.io.pem
http-response add-header access-control-allow-origin "myCoolWebsite.com"
redirect scheme https code 301 if !{ ssl_fc }
mode http
default_backend myBackend
backend myBackend
server myServer 123.456.789.101:2345
编辑:我主要通过为 504 添加自定义错误文件来解决这个问题,如下所示。唯一的问题是我无法弄清楚如何将 动态设置access-control-allow-origin为仅当前请求的域而不是*. 这是一个问题,因为某些浏览器在接收*. 我有什么想法可以做到这一点吗?
// 504.http
HTTP/1.0 504 Gateway Time-out
Cache-Control: no-cache
Connection: close
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods:\ GET,\ HEAD,\ OPTIONS,\ POST,\ PUT
Access-Control-Allow-Credentials:\ true
Access-Control-Allow-Headers:\ Origin,\ Accept,\ X-Requested-With,\ Content-Type,\ Access-Control-Request-Method,\ Access-Control-Request-Headers,\ Authorization
{
"html": {
"body": {
"h1": "504 Gateway Time-out",
"#text": "The server didn't respond in time."
}
}
}