如何覆盖 Apache 2.4.52 的允许响应

如何覆盖 Apache 2.4.52 的允许响应

我的虚拟主机配置:

<VirtualHost *:3000>
  ServerAdmin webmaster@localhost
  DocumentRoot "/var/www/bag-design/bag-design-web/build"
  DirectoryIndex index.html
  Header always set Access-Control-Allow-Origin "*"
  Header always set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS, PATCH"
  Header always set Access-Control-Allow-Headers "*"

  <Directory "/var/www/bag-design/bag-design-web/build">
    AllowOverride All
    Order allow,deny
    Allow from All   
  </Directory>

  ErrorLog ${APACHE_LOG_DIR}/bag_design_error.log
  CustomLog ${APACHE_LOG_DIR}/bag_design_access.log combined

</VirtualHost>

<VirtualHost *:3001>
  ServerAdmin webmaster@localhost
  DocumentRoot "/var/www/bag-design/bag-design-api/dist"
  Header always set Access-Control-Allow-Origin "*"
  Header always set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS, PATCH"
  Header always set Access-Control-Allow-Headers "*"
  <Directory "/var/www/bag-design/bag-design-api/dist">
    AllowOverride All
    Order allow,deny
    Allow from All   
  </Directory>

  ErrorLog ${APACHE_LOG_DIR}/bag_design_error.log
  CustomLog ${APACHE_LOG_DIR}/bag_design_access.log combined

</VirtualHost>

但是当我尝试发出 PATCH 请求时,响应为 405,并且我收到以下标头:

Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: *
Allow: GET, POST, PUT, DELETE, OPTIONS, PATCH
Allow: OPTIONS,HEAD,GET,POST
Connection: Keep-Alive
Content-Length: 301
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 18 Jan 2023 10:31:50 GMT
Keep-Alive: timeout=5, max=99
Server: Apache/2.4.52 (Ubuntu)

我的问题是如何覆盖 Allow 标头?我尝试使用标头“方法”Allow “PATCH”附加、取消设置、设置、添加、合并此标头,但均无效。

答案1

一件事是向客户端宣布你允许的方法(通过标题),另一件事是你如何实际允许它们在你的配置中使用(服务器中的实际功能,使用模块)

允许方法的方式是通过mod_allowmethods模块。您必须加载它。

然后使用允许方法指令。在您的目录/位置添加:

<Directory /var/www/bag-design/bag-design-web/build>
    AllowOverride none
    Require all granted
    AllowMethods GET POST PUT DELETE OPTIONS PATCH 
</Directory>

PS:除非您确实需要,否则不要将 allowoverride 设置为 all,如果您是网站管理员,则不需要这样做。此外,Allow、Deny、Order 是较旧的 2.2.x 指令,您现在不应该使用它们。引用目录路径也是不必要的。

PS2:请注意,除了允许方法之外,还必须有某种东西可以为 apache 提供该行为(mod_dav?)

相关内容