发表新帖
发表新帖

Bypassing authentication for “Options request” (so all headers are sent in the response)

前端 未结
关注
2 1618
花落未央
花落未央 2021-01-21 06:06

This is in the context of Cross-origin resource sharing. For the preflight request, the server is not sending the headers set. When a valid cookie is not passed with the \"Opti

2条回答
  • 鱼传尺愫
    鱼传尺愫 (楼主)
    2021-01-21 06:47

    "LimitExcept" directive solved it. In fact, prior to posting the question I tried the directive, however the mistake earlier was including the first two lines ("Options Includes..." and "Alowoverride...") within the "LimitExcept" block.

          
  Options Includes FollowSymLinks ExecCGI MultiViews
  AllowOverride None
  
    Order allow,deny
    allow from all
    AuthType Net
    PubcookieInactiveExpire -1
    PubcookieAppID app1.company.com
    require valid-user
   #<- syntax error fixed.

    0 讨论(0)
 看不清?
提交回复
热议问题