How to allow Cross domain request in apache2

2019-02-09 17:41发布

站内问答 / 前沿技术
848 6 5

This is my configuration file. 

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    ServerName localhost:80
    DocumentRoot /var/www/XXX
    <Directory />
        Options None
        AllowOverride None
        Order deny,allow
        Deny from all
    </Directory>
    <Directory /var/www/qvbn-app-web-ctrl>
        Options FollowSymLinks
        AllowOverride AuthConfig FileInfo
        Order allow,deny
        Allow from all
        Header set Access-Control-Allow-Origin "*"
    </Directory>
    ErrorLog ${APACHE_LOG_DIR}/error.log
    LogLevel warn
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

When i am trying to reload apache2 iT is giving error as :

   Invalid command 'Header', perhaps misspelled or defined by a module not included in the server configuration
    Action 'configtest' failed.

I don't know how to enable CORS. I followed this: http://enable-cors.org/server_apache.html

标签: apache cors
举报
6条回答
姐就是有狂的资本
2楼-- · 2019-02-09 17:47 
OS=GNU/Linux Debian
Httpd=Apache/2.4.10

Change in /etc/apache2/apache2.conf

<Directory /var/www/html>
     Order Allow,Deny
     Allow from all
     AllowOverride all
     Header set Access-Control-Allow-Origin "*"
</Directory>

Add/activate module

 a2enmod headers

Restart service

/etc/init.t/apache2 restart
查看更多
0人赞 添加讨论(0) 举报
\"骚年 ilove
3楼-- · 2019-02-09 17:47

I had a lot of trouble getting this to work. Dummy me, don't forget that old page - even for sub-requests - gets cached in your browser. Maybe obvious, but clear your browsers cache. After that, one can also use Header set Cache-Control "no-store" This was helpful to me while testing.

查看更多
0人赞 添加讨论(0) 举报
够拽才男人
4楼-- · 2019-02-09 17:50

First enable mod_headers on your server, then you can use header directive in both Apache conf and .htaccess.

1) enable mod headers

a2enmod headers

2) configure header in .htaccess file

Header add Access-Control-Allow-Origin "*"

 Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"

 Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
查看更多
0人赞 添加讨论(0) 举报
虎瘦雄心在
5楼-- · 2019-02-09 17:50

Enable mod_headers in Apache2 to be able to use Header directive :

a2enmod headers
查看更多
0人赞 添加讨论(0) 举报
神经病院院长
6楼-- · 2019-02-09 17:55

put the following in the site's .htaccess file (in the /var/www/XXX):

Header set Access-Control-Allow-Origin "*"

instead of the .conf file.

You'll also want to use 

AllowOverride All

in your .conf file for the domain so Apache looks at it.

查看更多
0人赞 添加讨论(0) 举报
forever°为你锁心
7楼-- · 2019-02-09 17:59

You can also put below code to the httaccess file as well to allow CORS using htaccess file

######################## Handling Options for the CORS
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [L,R=204]

##################### Add custom headers Header set X-Content-Type-Options "nosniff" Header set X-XSS-Protection "1; mode=block" # Always set these headers for CORS. Header always set Access-Control-Max-Age 1728000 Header always set Access-Control-Allow-Origin: "*" Header always set Access-Control-Allow-Methods: "GET,POST,OPTIONS,DELETE,PUT" Header always set Access-Control-Allow-Headers: "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$ Header always set Access-Control-Allow-Credentials true

For information purpose, You can also have a look at this article http://www.ipragmatech.com/enable-cors-using-htaccess/ which allow CORS header.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)