CloudFlare 解决 CORS 跨域问题

C

目前博客的 CDN 方案是通过DNS识别境内境外IP,进行不同的解析的,但是使用 CloudFlare 会导致一部分跨域问题,使某些样式无法正常加载,不过最终还是找到了解决方案,记录一下。


配置

百度出的方法,基本上都是从服务器配置 NGINX 取消跨域限制来解决,但是这样也会伴随着许许多多的问题。CloudFlare也发布了文章,通过 CloudFlare Worker 稍微配置一下即可解决这个问题。

一、创建 CloudFlare Worker 服务

设置服务名称,然后选择 HTTP 处理程序

二、点击快速编辑,将以下代码复制到其中

// Reference: https://developers.cloudflare.com/workers/examples/cors-header-proxy
const corsHeaders = {
        "Access-Control-Allow-Origin": "*",
        "Access-Control-Allow-Methods": "GET,HEAD,POST,OPTIONS",
        "Access-Control-Max-Age": "86400",
}
function handleOptions (request) {
        // Make sure the necessary headers are present
        // for this to be a valid pre-flight request
        let headers = request.headers
        if (
                headers.get("Origin") !== null &&
                headers.get("Access-Control-Request-Method") !== null &&
                headers.get("Access-Control-Request-Headers") !== null
        ) {
                // Handle CORS pre-flight request.
                // If you want to check or reject the requested method + headers
                // you can do that here.
                let respHeaders = {
                        ...corsHeaders,
                        // Allow all future content Request headers to go back to browser
                        // such as Authorization (Bearer) or X-Client-Name-Version
                        "Access-Control-Allow-Headers": request.headers.get("Access-Control-Request-Headers"),
                }
                return new Response(null, {
                        headers: respHeaders,
                })
        }
        else {
                // Handle standard OPTIONS request.
                // If you want to allow other HTTP Methods, you can do that here.
                return new Response(null, {
                        headers: {
                                Allow: "GET, HEAD, POST, OPTIONS",
                        },
                })
        }
}
async function handleRequest (request) {
        let response
        if (request.method === "OPTIONS") {
                response = handleOptions(request)
        }
        else {
                response = await fetch(request)
                response = new Response(response.body, response)
                response.headers.set("Access-Control-Allow-Origin", "*")
                response.headers.set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS")
        }
        return response
}
addEventListener("fetch", (event) => {
        event.respondWith(
                handleRequest(event.request).catch(
                        (err) => new Response(err.stack, { status: 500 })
                )

点击保存并部署

三、点击触发器,然后添加路由

填写需要解决跨域问题的域名,如多个文件在同一问题下,可直接通过 * 替代

之后即可解决 CloudFlare CORS 跨域问题。

出于安全原因,请只选择真正需要解决 CORS 错误的路径

可添加多个路由解决多个站点的问题


《CloudFlare 解决 CORS 跨域问题》