解决方案
location /s3-pdf/ {
proxy_pass https://xxx-pdf.s3.us-east-2.amazonaws.com/;
proxy_set_header Host xxx-pdf.s3.us-east-2.amazonaws.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_ssl_server_name on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
add_header Content-Type application/pdf;
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Methods GET,HEAD;
add_header Access-Control-Allow-Headers Range;
}
把访问 https://你的域名/s3-pdf/xxx.pdf的请求,反向代理转发到 AWS S3 上的 PDF 文件,并在返回给浏览器时强制声明为 PDF 类型,顺便处理跨域问题。
客户端访问:/s3-pdf/test.pdf
Nginx 实际去请求:https://xxx-pdf.s3.us-east-2.amazonaws.com/test.pdf
location /s3-pdf/ {
proxy_pass https://xxx-pdf.s3.us-east-2.amazonaws.com/;
...
}
强制告诉浏览器:返回的是 PDF
否则可能出现:
浏览器下载失败
直接显示乱码
被当成 text/plain
add_header Content-Type application/pdf;实际流程
浏览器
↓
https://cdn.example.com/s3-pdf/test.pdf
↓(Nginx 代理)
https://xxx-pdf.s3.us-east-2.amazonaws.com/test.pdf
↓
S3 返回 PDF
↓
Nginx 加上 Content-Type
↓
浏览器正确预览 / 下载 PDF增加跨域配置
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Methods GET,HEAD;
add_header Access-Control-Allow-Headers Range;大文件 / 断点续传问题
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
# 【关键点】Host 必须设置为 S3 的域名,不能用 $host
proxy_set_header Host xxx-pdf.s3.us-east-2.amazonaws.com;