---
title: Envoy CORS 跨域与预检缓存配置实践
keywords: cors filter, CorsPolicy, allow_origin_string_match, allow_methods, max_age
description: 在 Envoy 配置 CORS 过滤器与路由级策略,允许指定来源/方法/头并设置预检缓存,保证前端跨域请求安全可控。
categories:
- 文章资讯
- 技术教程
---
启用 CORS 过滤与路由策略:
static_resources:
listeners:
- name: listener_0
address:
socket_address: { address: 0.0.0.0, port_value: 8080 }
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: ingress_http
route_config:
name: local_route
virtual_hosts:
- name: backend
domains: ["*"]
routes:
- match: { prefix: "/api" }
typed_per_filter_config:
envoy.filters.http.cors:
"@type": type.googleapis.com/envoy.extensions.filters.http.cors.v3.CorsPolicy
allow_origin_string_match:
- exact: "https://app.example.com"
allow_methods: "GET,POST,OPTIONS"
allow_headers: "content-type,authorization"
expose_headers: "x-request-id"
allow_credentials: true
max_age: "86400"
route: { cluster: app }
http_filters:
- name: envoy.filters.http.cors
- name: envoy.filters.http.router
clusters:
- name: app
type: LOGICAL_DNS
connect_timeout: 1s
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: app
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address: { address: 127.0.0.1, port_value: 7001 }
发表评论 取消回复