how to do
after configuring the serverwhen the client sends an options request, the server returns 200?
according to the practice of this post,
https://serverfault.com/quest.
I want the server to return 200 for this command
curl-X OPTIONS-I http://remote_ip/remote.html
. How do I configure it?
output before configuration
curl-X OPTIONS-I http://remote.ip/remote.html
HTTP/1.1 401 Unauthorized
Date: Sat, 08 Sep 2018 00:24:41 GMT
Server: Apache/2.4.6 (CentOS)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization,DNT,User-Agent,Keep-Alive,Content-Type,accept,origin,X-Requested-With
WWW-Authenticate: Basic realm="login"
Content-Length: 381
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn"t understand how to supply
the credentials required.
</body></html>
my attempts
- cat .htaccess
AuthName "login"
AuthType Basic
AuthUserFile / var/www/html/passwd
require user usernam
Options-Indexes
< LimitExcept OPTIONS >
Require valid-user
< / LimitExcept >
error
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
The server encountered an internal error or
misconfiguration and was unable to complete
your request.
2.cat / etc/httpd/conf/httpd.conf.
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride AuthConfig
Require all granted
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, PUT, DELETE, OPTIONS"
Header always set Access-Control-Allow-Credentials "true"
Header always set Access-Control-Allow-Headers "Authorization,DNT,User-Agent,Keep-Alive,Content-Type,accept,origin,X-Requested-With"
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ blank.html [QSA,L]
</Directory>
error
HTTP/1.1 401 Unauthorized
Date: Sat, 08 Sep 2018 00:34:36 GMT
Server: Apache/2.4.6 (CentOS)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization,DNT,User-Agent,Keep-Alive,Content-Type,accept,origin,X-Requested-With
WWW-Authenticate: Basic realm="login"
Content-Length: 381
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn"t understand how to supply
the credentials required.
</body></html>
Why is there such a need? Configure servers across domains for js.
if this cross-domain and requires authentication, you must make an options request on the server side, return 200, and then send it a second time on the client side.