云原生网关支持路由级别的跨域资源共享CORS(Cross-Origin Resource Sharing)策略配置,您可以有选择的为有跨域需求的路由设置合适的跨域策略。
背景信息
跨域资源共享CORS(Cross-Origin Resource Sharing)是指允许Web应用服务器进行跨域访问控制,从而实现跨域数据安全传输。关于跨域的更多信息,请参见跨源资源共享(CORS)。
配置跨域策略
结果验证
- 执行以下测试请求命令:
curl -I -H "Origin: http://example.com" -H 'Host: www.test.com' -X OPTIONS http://121.196.XX.XX/demo/item/list
- 响应结果:
HTTP/1.1 200 OK allow: GET,HEAD,OPTIONS x-content-type-options: nosniff x-xss-protection: 1; mode=block cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: 0 x-frame-options: DENY content-length: 0 date: Tue, 30 Nov 2021 03:20:31 GMT x-envoy-upstream-service-time: 6 access-control-allow-origin: http://example.com access-control-allow-credentials: true access-control-expose-headers: * server: istio-envoy