From f599298d2479246396f33a578f1c2e596790b13f Mon Sep 17 00:00:00 2001
From: tianyongbao <tianyongbao@haier.com>
Date: Wed, 4 Feb 2026 18:21:49 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20nginx=E9=85=8D=E7=BD=AE=E6=96=87?=
 =?UTF-8?q?=E4=BB=B6=E4=BF=AE=E6=94=B9=EF=BC=8C=E8=A7=A3=E5=86=B3=E8=B7=A8?=
 =?UTF-8?q?=E5=9F=9F=E9=97=AE=E9=A2=98=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 nginx.conf | 43 +++++++++++++++++++++++++++++--------------
 1 file changed, 29 insertions(+), 14 deletions(-)

diff --git a/nginx.conf b/nginx.conf
index fc3cd45..91afeac 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -78,20 +78,35 @@ http {
         }
 
         location /ultra-api/ {
-            # websocket参数（保留原有，无需修改）
-            proxy_http_version 1.1;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection "upgrade";
-            # 保留已修正的rewrite规则（移除/ultra-api/前缀）
-            rewrite  ^/ultra-api/(.*) /$1 break;
-            # 修正3：移除proxy_pass中的/ultra-api/，避免路径重复；替换上游名称为ultra_api_server
-            proxy_pass https://ultra_api_server/;
-            # 修正4：补充核心反向代理头，与根路径保持一致，让上游获取真实客户端信息
-            proxy_set_header Host $http_host;
-            proxy_set_header X-Real-IP $remote_addr;
-            proxy_set_header REMOTE-HOST $remote_addr;
-            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-            proxy_set_header X-Forwarded-Proto $scheme; # 新增：告诉上游原始请求协议（http/https）
+            # 1. 处理OPTIONS预检请求：直接返回204，无需转发到后端（跨域必备）
+               if ($request_method = OPTIONS) {
+                   return 204;
+               }
+
+               # 2. WebSocket必备配置（保留原有，无需修改）
+               proxy_http_version 1.1;
+               proxy_set_header Upgrade $http_upgrade;
+               proxy_set_header Connection "upgrade";
+
+               # 3. 路径重写：移除/ultra-api/前缀，消除双斜杠（保留原有，核心）
+               rewrite  ^/ultra-api/(.*) /$1 break;
+
+               # 4. 反向代理：指向上游服务，结尾/保证路径拼接无重复（消除双斜杠）
+               proxy_pass https://ultra_api_server/;
+
+               # 5. 基础反向代理头（保留原有，保证上游获取真实客户端信息）
+               proxy_set_header Host $http_host;
+               proxy_set_header X-Real-IP $remote_addr;
+               proxy_set_header REMOTE-HOST $remote_addr;
+               proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+               proxy_set_header X-Forwarded-Proto $scheme;
+
+               # 6. 核心CORS跨域允许配置（解决前端拦截问题，重点！）
+               add_header Access-Control-Allow-Origin * always; # 你的前端源站，必须指定具体地址（比*安全）
+               add_header Access-Control-Allow-Methods 'GET,POST,PUT,DELETE,OPTIONS' always; # 允许前端的请求方法
+               add_header Access-Control-Allow-Headers 'Content-Type,Authorization,Token,X-Requested-With' always; # 允许前端的自定义请求头（根据实际需求补充）
+;                add_header Access-Control-Allow-Credentials true always; # 允许跨域携带Cookie/Token（登录必备）
+               add_header Access-Control-Max-Age 3600 always; # 预检请求缓存时间（1小时，减少OPTIONS请求）
         }
 
         location /file/ {