标头设置 Access-Control-Allow-Origin 代码已添加但没有任何反应

标头设置 Access-Control-Allow-Origin 代码已添加但没有任何反应

我正在尝试解决我的网站上的以下选项

Strict-Transport-Security
Content-Security-Policy 
X-Frame-Options 
X-Content-Type-Options 
Referrer-Policy 
Permissions-Policy

我在 Google 上找到了以下代码并将其添加到/etc/apache2/apache2.conf文件中

<Directory /var/www/html>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
        Order Allow,Deny
        Allow from all
       Header set Access-Control-Allow-Origin "*"
       Header set Access-Control-Allow-Credentials true
       Header set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
       Header set Access-Control-Max-Age "1000"
       Header set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
</Directory>

添加上述代码后,出现以下错误

sudo service apache2 restart
Job for apache2.service failed because the control process exited with error code.
See "systemctl status apache2.service" and "journalctl -xe" for details.

我已经通过这个 URL 扫描了我的网站:https://securityheaders.com/,结果显示为 F。以下是结果链接

我必须解决这些问题,所以我研究了谷歌并找到了要添加到 Apache 配置文件的标题代码。所以我添加了相同的代码并出现错误......

相关内容