访问控制允许多个域的来源

Question

我有PHP中的REST API，我想允许多个域访问API。问题是我遇到了一些跨原点错误，我添加了 add_header 'Access-Control-Allow-Origin' https://example.com; 但我想添加多个域。如果我从example2.com向我的API提出请求，它将无法正常工作。我尝试在网络上找到解决方案，但找不到任何有效的方法。

尝试：（来自示例https://qa.lsproc.com/post/access-control-allow-origin-multiple-origin-domains），但是我需要删除\.com$，因为我需要更大的灵活性。

    set $cors "false";
    if ($http_origin ~* (^http?://([^/]+\.)*(example.com|example2.com)$)) {
        set $cors "true";
    }

    if ($cors = "true") {
        # Catch all incase there's a request method we're not dealing with properly
        add_header 'Access-Control-Allow-Origin' "$http_origin";
    }

我尝试： https://serverfault.com/questions/350330/nginx-add-header-adding-multiple-headers https://serverfault.com/questions/958965/nginx-enabling-cors-for-multiple-subdomains

但是我无法使其正常运行，如果我添加Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details. ，我也会得到if ($cors = "true") {

我的nginx文件是

server {
    listen 80;
    listen 443 ssl http2;
    server_name .api.homestead;
    root "/home/vagrant/api/public";

    index index.html index.htm index.php;

    charset utf-8;

    set $cors "false";
    if ($http_origin ~* (^http?://([^/]+\.)*(domain.com|localhost:8080))) {
        set $cors "true";
    }

    if ($cors = "true") {
        # Catch all incase there's a request method we're not dealing with properly
        add_header 'Access-Control-Allow-Origin' "$http_origin";
    }



    location / {
        allow 192.168.10.1;
        deny all;

        try_files $uri $uri/ /index.php?$query_string;

        add_header 0 false;
    }




    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    access_log off;
    error_log  /var/log/nginx/api.homestead-error.log error;

    sendfile off;

    client_max_body_size 100m;

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;


        fastcgi_intercept_errors off;
        fastcgi_buffer_size 16k;
        fastcgi_buffers 4 16k;
        fastcgi_connect_timeout 300;
        fastcgi_send_timeout 300;
        fastcgi_read_timeout 300;
    }

    location ~ /\.ht {
        deny all;
    }

    ssl_certificate     /etc/nginx/ssl/api.homestead.crt;
    ssl_certificate_key /etc/nginx/ssl/api.homestead.key;
}