为什么删除响应在webdav服务器中没有cors头?
为什么删除响应在webdav服务器中没有cors头?
提问于 2014-12-30 02:57:25
我想实现关于webdav的CORS。
我的机器有一个webdav服务器,ip地址是192.168.7.88。我测试ip为127.0.0.1的CORS。
我的web服务器配置(httpd-dav.conf):
DavLockDB "/opt/apache/var/DavLock"
Alias /webdav "/webdav"
<Location /webdav>
DAV On
Header set Access-Control-Allow-Origin "http://127.0.0.1"
Header set Access-Control-Allow-Credentials "true"
Header set Access-Control-Allow-Methods "COPY, DELETE, GET, HEAD, MKCOL, OPTIONS, POST, PROPFIND, PUT"
Header set Access-Control-Allow-Headers "Overwrite, Destination, Content-Type, Depth, Range, Content-Range, Cache-Control"
Header set Access-Control-Expose-Headers "DAV, content-length, Allow"
Header set Access-Control-Max-Age "36000"
AuthType Basic
AuthName "webdav"
<Limit COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK>
Order allow,deny
Allow from all
# IP address you allow
Require valid-user
</Limit>
</Location>
#
# The following directives disable redirects on non-GET requests for
# a directory that does not include the trailing slash. This fixes a
# problem with several clients that do not appropriately handle
# redirects for folders with DAV methods.
#
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[01234]" redirect-carefully
BrowserMatch "^gnome-vfs/1.0" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
BrowserMatch " Konqueror/4" redirect-carefully请求头-选项:
Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding gzip, deflate
Accept-Language zh-cn,en-us;q=0.7,en;q=0.3
Access-Control-Request-Me... DELETE
Connection keep-alive
Host 192.168.7.88
Origin http://127.0.0.1
User-Agent Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:34.0) Gecko/20100101 Firefox/34.0 FirePHP/0.7.4
x-insight activate响应头-选项(状态= 200 OK):
Access-Control-Allow-Cred... true
Access-Control-Allow-Head... Overwrite, Destination, Content-Type, Depth, Range, Content-Range, Cache-Control
Access-Control-Allow-Meth... COPY, DELETE, GET, HEAD, MKCOL, OPTIONS, POST, PROPFIND, PUT
Access-Control-Allow-Orig... http://127.0.0.1
Access-Control-Expose-Hea... DAV, content-length, Allow
Access-Control-Max-Age 36000
Access-Control-Request-He... Origin, Content-Type
Allow OPTIONS,GET,HEAD,POST,DELETE,TRACE,PROPFIND,PROPPATCH,COPY,MOVE,PUT,LOCK,UNLOCK
Connection Keep-Alive
Content-Length 0
Content-Type text/plain
DAV 1,2, <http://apache.org/dav/propset/fs/1>
Date Tue, 30 Dec 2014 03:25:53 GMT
Keep-Alive timeout=5, max=99
MS-Author-Via DAV
Server Apache/2.4.10 (Unix) PHP/5.5.15请求头-删除:
Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding gzip, deflate
Accept-Language zh-cn,en-us;q=0.7,en;q=0.3
Connection keep-alive
Host 192.168.7.88
Origin http://127.0.0.1
Referer http://127.0.0.1/webdavtest
User-Agent Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:34.0) Gecko/20100101 Firefox/34.0 FirePHP/0.7.4
x-insight activate响应头-删除:(状态=204NO内容)
Connection Keep-Alive
Content-Length 0
Content-Type text/plain
Date Tue, 30 Dec 2014 01:26:31 GMT
Keep-Alive timeout=5, max=98
Server Apache/2.4.10 (Unix) PHP/5.5.15但火狐说:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://192.168.7.88/webdav/b.txt.
This can be fixed by moving the resource to the same domain or enabling CORS.我知道删除响应没有cors头,所以firefox说。
为什么删除响应没有cors头?
回答 1
Stack Overflow用户
发布于 2017-01-18 21:14:39
这是Apache实现RFC 2616的已知限制。
这与在这个问题上描述的问题大致相同。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/27699069
复制相关文章
相似问题
腾讯云开发者
