Menu
I have a AngularJS app deployed using Yeoman. Cakephp RESTful backend.
The Angular app sends in OPTIONS preflight requests, which the backend responds with forbidden (403), in nginx to solve this problem I have used this:
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
add_header 'Access-Control-Allow-Headers' 'X-AuthTokenHeader,Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
How do I go about doing this in Apache? Please provide some preliminary guidance/comments, I will figure out the details after that and improve the question with granular details.
571
I had the same question and the answer given does not solve the problem.
By looking around more I found you could do this using the rewrite, e.g:
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]
(make sure you enable the rewrite mod)
Then you should use, the "always set" to set the headers, e.g:
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS"
Explanations here: https://serverfault.com/questions/231766/returning-200-ok-in-apache-on-http-options-requests
60
Add this to your .htaccess file to your apache root directory:
Header add Access-Control-Allow-Origin "*"
Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"
Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
Make sure to activate the apache module headers:
a2enmod headers
Source: https://stackoverflow.com/a/11691776/1494875
43
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
