如何在apache2中允许跨域请求

Question

这是我的配置文件.

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    ServerName localhost:80
    DocumentRoot /var/www/XXX
    <Directory />
        Options None
        AllowOverride None
        Order deny,allow
        Deny from all
    </Directory>
    <Directory /var/www/qvbn-app-web-ctrl>
        Options FollowSymLinks
        AllowOverride AuthConfig FileInfo
        Order allow,deny
        Allow from all
        Header set Access-Control-Allow-Origin "*"
    </Directory>
    ErrorLog ${APACHE_LOG_DIR}/error.log
    LogLevel warn
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

当我试图重新加载apache2时,iT会给出错误:

   Invalid command 'Header', perhaps misspelled or defined by a module not included in the server configuration
    Action 'configtest' failed.

我不知道如何启用CORS.我跟着这个:http: //enable-cors.org/server_apache.html

Answer 1

OS=GNU/Linux Debian
Httpd=Apache/2.4.10

更改/etc/apache2/apache2.conf

<Directory /var/www/html>
     Order Allow,Deny
     Allow from all
     AllowOverride all
     Header set Access-Control-Allow-Origin "*"
</Directory>

添加/激活模块

 a2enmod headers 

重启服务

/etc/init.t/apache2 restart

Answer 2

在 httpd.conf 中

1. 确保这些已加载：

LoadModule headers_module modules/mod_headers.so

LoadModule rewrite_module modules/mod_rewrite.so

2. 在目标目录中：

<Directory "**/usr/local/PATH**">
    AllowOverride None
    Require all granted

    Header always set Access-Control-Allow-Origin "*"
    Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
    Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
    Header always set Access-Control-Expose-Headers "Content-Security-Policy, Location"
    Header always set Access-Control-Max-Age "600"

    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} OPTIONS
    RewriteRule ^(.*)$ $1 [R=200,L]

</Directory>

If running outside container, you may need to restart apache service.

Answer 3

首先在服务器上启用mod_headers，然后可以在Apache conf和.htaccess中使用header指令。

1）启用mod头

a2enmod headers

2）在.htaccess文件中配置标头

Header add Access-Control-Allow-Origin "*"

 Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"

 Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"

Answer 4

将以下内容放入站点的 .htaccess 文件（在 /var/www/XXX 中）：

Header set Access-Control-Allow-Origin "*"

而不是 .conf 文件。

您还需要使用

AllowOverride All

在域的 .conf 文件中，以便 Apache 查看它。

Answer 5

对我有用的 Ubuntu Apache2 解决方案 .htaccess 编辑对我不起作用我不得不修改 conf 文件。

nano /etc/apache2/sites-available/mydomain.xyz.conf

我的配置允许 CORS 支持

<IfModule mod_ssl.c>
    <VirtualHost *:443>

        ServerName mydomain.xyz
        ServerAlias www.mydomain.xyz

        ServerAdmin support@mydomain.xyz
        DocumentRoot /var/www/mydomain.xyz/public

        ### following three lines are for CORS support
        Header add Access-Control-Allow-Origin "*"
        Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"
        Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        SSLCertificateFile /etc/letsencrypt/live/mydomain.xyz/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.xyz/privkey.pem

    </VirtualHost>
</IfModule>

然后输入以下命令

a2enmod 头文件

在尝试之前确保缓存已清除