K8S跨域CORS: Access-Control-Allow-Origin multiple values问题解决方案

岚天start2025-08-24 10:32

1. 背景介绍

按照云服务器以域名形式访问机房Kubernetes集群服务之解决方案-CSDN博客

部署的k8s平台

2. CORS报错

/app/chart-view/1.0.1/index.html#/chart/home/1953010081653735426:1 Access to XMLHttpRequest at 'https://hao-test.lmzf.com/zy/proxy/open-api/hunan/medianode/queryMaintainIndicator?indicator=FAULTY_DEVICE&startDate=2025-08-01&endDate=2025-08-04' from origin 'https://day-test.lmzf.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header contains multiple values '*, *', but only one is allowed.

3. 解决方案

3.1 nginx代理配置

注意:不需要添加如下配置项:

add_header 'Access-Control-Allow-Origin' 'https://*.lmzf.com';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Content-Type';

3.1.1 nginx转发完整配置文件如下:

复制代码 
server {
    listen 443 ssl;
    server_name hao-test.lmzf.com;

    ssl_certificate    /etc/nginx/ssl/lmzf.com.pem;
    ssl_certificate_key   /etc/nginx/ssl/lmzf.com.key;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;


    location / {
        proxy_pass https://2.2.2.2:32532;  # 指向Kubesphere网关的节点端口
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

3.2 应用路由配置

3.2.1 新增配置项入口【编辑yaml】

3.2.2 新增配置项

nginx.ingress.kubernetes.io/enable-cors: 'true'

nginx.ingress.kubernetes.io/cors-allow-origin: 'https://*.lmzf.com'

3.2.3 应用路由Ingress完整文件如下

复制代码 
kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
  name: hao-test
  namespace: lmzf
  creationTimestamp: '2025-08-12T12:41:05Z'
  annotations:
    kubesphere.io/alias-name: 页面网关
    kubesphere.io/creator: admin
    nginx.ingress.kubernetes.io/cors-allow-methods: 'GET, POST, OPTIONS'
    nginx.ingress.kubernetes.io/enable-cors: 'true'
    nginx.ingress.kubernetes.io/cors-allow-origin: 'https://*.lmzf.com'
    nginx.ingress.kubernetes.io/proxy-body-size: 50m
    nginx.ingress.kubernetes.io/proxy-connect-timeout: 300s
    nginx.ingress.kubernetes.io/proxy-pass-headers: Authorization
    nginx.ingress.kubernetes.io/proxy-read-timeout: 300s
    nginx.ingress.kubernetes.io/proxy-send-timeout: 300s
spec:
  ingressClassName: kubesphere-router-cluster
  tls:
    - hosts:
        - hao-test.lmzf.com
      secretName: hao-test.lmzf.com
  rules:
    - host: hao-test.lmzf.com
      http:
        paths:
          - path: /
            pathType: ImplementationSpecific
            backend:
              service:
                name: gateway-biz
                port:
                  number: 8088
热门推荐
01UV安装并设置国内源02KGG转MP3工具|非KGM文件|解密音频03【踩坑笔记】50系显卡适配的 PyTorch 安装04蜘蛛磁力 搜索引擎大全,如何使用蜘蛛磁力查找磁力链接05Qwen3-Coder 快速上手教程 | Qwen Code + Claude Code06【2025.08.06最新版】Android Studio下载、安装及配置记录(自动下载sdk)072025最新国内服务器可用docker源仓库地址大全(2025年8月更新)08突破百度网盘的下载限速,两种方法教会你【超详细】0920个国内外主流AI绘画工具大汇总(最新免费可用~)10Claude Code VSCode集成开发指南:AI编程助手完整配置