在nginx代理为https之前,xxl-job使用http访问是没有问题的,但是换为https后,访问就有以下报错:
很多接口都出现了403异常
DataTables warning: table id=job_list - Ajax error. For more information about this error, please see http://datatables.net/tn/7
这是之前的nginx配置:
javascript
location /datagov/job {
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Methods *;
add_header Access-Control-Allow-Headers *;
proxy_connect_timeout 60s;
proxy_send_timeout 90;
proxy_read_timeout 120;
proxy_temp_file_write_size 256k;
proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;
proxy_max_temp_file_size 128m;
proxy_buffering off;
proxy_rdirect off;
proxy_set_header Host $host:$server_port;
proxy_set_header Cache-Control max-age=1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://datagov-job;
}经过排查发现可能是XXL-JOB权限问题
XXL-JOB 可能对请求的 Referer、Host 或 Origin 进行了校验,导致 Nginx 代理后被拒绝
解决方案:
在 location /datagov/job 下添加 proxy_set_header,确保请求头正确传递:
proxy_set_header Referer "";proxy_set_header Origin "";proxy_set_header Host $host;
这样可以避免 XXL-JOB 校验失败。
修改后的nginx配置:
javascript
location /datagov/job {
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Methods *;
add_header Access-Control-Allow-Headers *;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Referer "";
proxy_set_header Origin "";
proxy_connect_timeout 60s;
proxy_send_timeout 90;
proxy_read_timeout 120;
proxy_temp_file_write_size 256k;
proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;
proxy_max_temp_file_size 128m;
proxy_buffering off;
proxy_redirect off;
proxy_pass http://datagov-job;
}