Eu quero fazer alguma configuração no meu centos + apache, deixar o servidor httpd enviar 200 respostas quando o cliente fizer uma solicitação de opções.
Há um post muito antigo aqui (2011).
Retornando “200 OK” no Apache em solicitações HTTP OPTIONS
A configuração pode não ser adequada para os sistemas operacionais e apache atuais.
Se a configuração estiver em bom estado, curl -X OPTIONS -i http://remote_ip/remote.html
pode obter o código de retorno 200.
Aqui estão minhas tentativas:
1.cat .htaccess
AuthName "login"
AuthType Basic
AuthUserFile /var/www/html/passwd
require user usernam
Options -Indexes
<LimitExcept OPTIONS>
Require valid-user
</LimitExcept>
Reinicie-o com systemctl restart httpd
.Error info for command:curl -X OPTIONS -i http://remote_ip/remote.html
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
misconfiguration and was unable to complete
your request.</p>
Exclua a configuração acima em .htacccess.
2.cat /etc/httpd/conf/httpd.conf.
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride AuthConfig
Require all granted
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, PUT, DELETE, OPTIONS"
Header always set Access-Control-Allow-Credentials "true"
Header always set Access-Control-Allow-Headers "Authorization,DNT,User-Agent,Keep-Alive,Content-Type,accept,origin,X-Requested-With"
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ blank.html [QSA,L]
</Directory>
Reinicie-o com systemctl restart httpd
.Error info for command:curl -X OPTIONS -i http://remote_ip/remote.html
HTTP/1.1 401 Unauthorized
Date: Sat, 08 Sep 2018 00:34:36 GMT
Server: Apache/2.4.6 (CentOS)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization,DNT,User-Agent,Keep-Alive,Content-Type,accept,origin,X-Requested-With
WWW-Authenticate: Basic realm="login"
Content-Length: 381
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
</body></html>