How to make httpd response 200 for options request?
Clash Royale CLAN TAG#URR8PPP
up vote
3
down vote
favorite
I want to make some configuration on my centos+apache,let httpd server send 200 response when client make a options request.
There is a very old post here(2011).
Returning âÂÂ200 OKâ in Apache on HTTP OPTIONS requests
The configuration may not be fit for current's os and apache.
If the configuration is in good status,curl -X OPTIONS -i http://remote_ip/remote.html
may get 200 return code.
Herre are my tries:
1.cat .htaccess
AuthName "login"
AuthType Basic
AuthUserFile /var/www/html/passwd
require user usernam
Options -Indexes
<LimitExcept OPTIONS>
Require valid-user
</LimitExcept>
Reboot it with systemctl restart httpd
.Error info for command :curl -X OPTIONS -i http://remote_ip/remote.html
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
misconfiguration and was unable to complete
your request.</p>
Delet the above config in .htacccess.
2.cat /etc/httpd/conf/httpd.conf.
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride AuthConfig
Require all granted
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, PUT, DELETE, OPTIONS"
Header always set Access-Control-Allow-Credentials "true"
Header always set Access-Control-Allow-Headers "Authorization,DNT,User-Agent,Keep-Alive,Content-Type,accept,origin,X-Requested-With"
RewriteEngine On
RewriteCond %REQUEST_METHOD OPTIONS
RewriteRule ^(.*)$ blank.html [QSA,L]
</Directory>
Reboot it with systemctl restart httpd
.Error info for command :curl -X OPTIONS -i http://remote_ip/remote.html
HTTP/1.1 401 Unauthorized
Date: Sat, 08 Sep 2018 00:34:36 GMT
Server: Apache/2.4.6 (CentOS)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization,DNT,User-Agent,Keep-Alive,Content-Type,accept,origin,X-Requested-With
WWW-Authenticate: Basic realm="login"
Content-Length: 381
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
</body></html>
centos apache-httpd options
add a comment |Â
up vote
3
down vote
favorite
I want to make some configuration on my centos+apache,let httpd server send 200 response when client make a options request.
There is a very old post here(2011).
Returning âÂÂ200 OKâ in Apache on HTTP OPTIONS requests
The configuration may not be fit for current's os and apache.
If the configuration is in good status,curl -X OPTIONS -i http://remote_ip/remote.html
may get 200 return code.
Herre are my tries:
1.cat .htaccess
AuthName "login"
AuthType Basic
AuthUserFile /var/www/html/passwd
require user usernam
Options -Indexes
<LimitExcept OPTIONS>
Require valid-user
</LimitExcept>
Reboot it with systemctl restart httpd
.Error info for command :curl -X OPTIONS -i http://remote_ip/remote.html
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
misconfiguration and was unable to complete
your request.</p>
Delet the above config in .htacccess.
2.cat /etc/httpd/conf/httpd.conf.
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride AuthConfig
Require all granted
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, PUT, DELETE, OPTIONS"
Header always set Access-Control-Allow-Credentials "true"
Header always set Access-Control-Allow-Headers "Authorization,DNT,User-Agent,Keep-Alive,Content-Type,accept,origin,X-Requested-With"
RewriteEngine On
RewriteCond %REQUEST_METHOD OPTIONS
RewriteRule ^(.*)$ blank.html [QSA,L]
</Directory>
Reboot it with systemctl restart httpd
.Error info for command :curl -X OPTIONS -i http://remote_ip/remote.html
HTTP/1.1 401 Unauthorized
Date: Sat, 08 Sep 2018 00:34:36 GMT
Server: Apache/2.4.6 (CentOS)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization,DNT,User-Agent,Keep-Alive,Content-Type,accept,origin,X-Requested-With
WWW-Authenticate: Basic realm="login"
Content-Length: 381
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
</body></html>
centos apache-httpd options
Is your question about how to configure Apache, or is it about how to provide the credentials in the client (curl
)?
â RalfFriedl
Sep 11 at 5:19
To configure Apache ,then check it with curl.
â scrapy
Sep 11 at 6:48
add a comment |Â
up vote
3
down vote
favorite
up vote
3
down vote
favorite
I want to make some configuration on my centos+apache,let httpd server send 200 response when client make a options request.
There is a very old post here(2011).
Returning âÂÂ200 OKâ in Apache on HTTP OPTIONS requests
The configuration may not be fit for current's os and apache.
If the configuration is in good status,curl -X OPTIONS -i http://remote_ip/remote.html
may get 200 return code.
Herre are my tries:
1.cat .htaccess
AuthName "login"
AuthType Basic
AuthUserFile /var/www/html/passwd
require user usernam
Options -Indexes
<LimitExcept OPTIONS>
Require valid-user
</LimitExcept>
Reboot it with systemctl restart httpd
.Error info for command :curl -X OPTIONS -i http://remote_ip/remote.html
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
misconfiguration and was unable to complete
your request.</p>
Delet the above config in .htacccess.
2.cat /etc/httpd/conf/httpd.conf.
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride AuthConfig
Require all granted
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, PUT, DELETE, OPTIONS"
Header always set Access-Control-Allow-Credentials "true"
Header always set Access-Control-Allow-Headers "Authorization,DNT,User-Agent,Keep-Alive,Content-Type,accept,origin,X-Requested-With"
RewriteEngine On
RewriteCond %REQUEST_METHOD OPTIONS
RewriteRule ^(.*)$ blank.html [QSA,L]
</Directory>
Reboot it with systemctl restart httpd
.Error info for command :curl -X OPTIONS -i http://remote_ip/remote.html
HTTP/1.1 401 Unauthorized
Date: Sat, 08 Sep 2018 00:34:36 GMT
Server: Apache/2.4.6 (CentOS)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization,DNT,User-Agent,Keep-Alive,Content-Type,accept,origin,X-Requested-With
WWW-Authenticate: Basic realm="login"
Content-Length: 381
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
</body></html>
centos apache-httpd options
I want to make some configuration on my centos+apache,let httpd server send 200 response when client make a options request.
There is a very old post here(2011).
Returning âÂÂ200 OKâ in Apache on HTTP OPTIONS requests
The configuration may not be fit for current's os and apache.
If the configuration is in good status,curl -X OPTIONS -i http://remote_ip/remote.html
may get 200 return code.
Herre are my tries:
1.cat .htaccess
AuthName "login"
AuthType Basic
AuthUserFile /var/www/html/passwd
require user usernam
Options -Indexes
<LimitExcept OPTIONS>
Require valid-user
</LimitExcept>
Reboot it with systemctl restart httpd
.Error info for command :curl -X OPTIONS -i http://remote_ip/remote.html
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
misconfiguration and was unable to complete
your request.</p>
Delet the above config in .htacccess.
2.cat /etc/httpd/conf/httpd.conf.
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride AuthConfig
Require all granted
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, PUT, DELETE, OPTIONS"
Header always set Access-Control-Allow-Credentials "true"
Header always set Access-Control-Allow-Headers "Authorization,DNT,User-Agent,Keep-Alive,Content-Type,accept,origin,X-Requested-With"
RewriteEngine On
RewriteCond %REQUEST_METHOD OPTIONS
RewriteRule ^(.*)$ blank.html [QSA,L]
</Directory>
Reboot it with systemctl restart httpd
.Error info for command :curl -X OPTIONS -i http://remote_ip/remote.html
HTTP/1.1 401 Unauthorized
Date: Sat, 08 Sep 2018 00:34:36 GMT
Server: Apache/2.4.6 (CentOS)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization,DNT,User-Agent,Keep-Alive,Content-Type,accept,origin,X-Requested-With
WWW-Authenticate: Basic realm="login"
Content-Length: 381
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
</body></html>
centos apache-httpd options
centos apache-httpd options
asked Sep 8 at 1:22
scrapy
54215
54215
Is your question about how to configure Apache, or is it about how to provide the credentials in the client (curl
)?
â RalfFriedl
Sep 11 at 5:19
To configure Apache ,then check it with curl.
â scrapy
Sep 11 at 6:48
add a comment |Â
Is your question about how to configure Apache, or is it about how to provide the credentials in the client (curl
)?
â RalfFriedl
Sep 11 at 5:19
To configure Apache ,then check it with curl.
â scrapy
Sep 11 at 6:48
Is your question about how to configure Apache, or is it about how to provide the credentials in the client (
curl
)?â RalfFriedl
Sep 11 at 5:19
Is your question about how to configure Apache, or is it about how to provide the credentials in the client (
curl
)?â RalfFriedl
Sep 11 at 5:19
To configure Apache ,then check it with curl.
â scrapy
Sep 11 at 6:48
To configure Apache ,then check it with curl.
â scrapy
Sep 11 at 6:48
add a comment |Â
2 Answers
2
active
oldest
votes
up vote
3
down vote
accepted
First, there is an issue with your .htaccess
file:
- In lines 6-8; you require that the user is authenticated, but only if it's not an
OPTIONS
request. This is fine. - In line 4 however, you require that the user is authenticated as user
usernam
, regardles of the request method (GET, POST, OPTIONS, etc...)
So if you remove line 4 or move it into the LimitExcept
section your config should work.
For more information see the mod_authz_core docs
Second, the error message for the first solution you posted ("The server encountered an internal error or misconfiguration...") hints at an invalid httpd.conf
file. There may be something else misconfigured. Check your configuration and the Apache documentation.
As a reference, the config files I used for testing can be found at: https://github.com/mhutter/stackexchange/tree/master/467654
add a comment |Â
up vote
0
down vote
The error 401 Unauthorized
means that the HTTP server expects credentials, usually a user name and password. Accoring to the question, you removed the .htacccess
file that requested authentication, so there must be still something in the active configuration that requests authentication.
To provide the credentials, with curl
you can use the option -u, --user <user:password>
(short or long form).
When you get an error 500
, there should be an entry in the Apache logs that explains what king of error occurred.
When something doesn't work, it is generally a good idea to reduce the configuration to the required minimum to find the problem. To do that, comment out lines you think don't cause the problem and try again. Either it starts working, then you know where to look at more closely, or you have a simplified config.
With your config, the header lines probably don't contribute to the problem, but I would first try to get it working without the redirect. When you have a working config, you can add lines until either it breaks again or you have the config you want.
add a comment |Â
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
3
down vote
accepted
First, there is an issue with your .htaccess
file:
- In lines 6-8; you require that the user is authenticated, but only if it's not an
OPTIONS
request. This is fine. - In line 4 however, you require that the user is authenticated as user
usernam
, regardles of the request method (GET, POST, OPTIONS, etc...)
So if you remove line 4 or move it into the LimitExcept
section your config should work.
For more information see the mod_authz_core docs
Second, the error message for the first solution you posted ("The server encountered an internal error or misconfiguration...") hints at an invalid httpd.conf
file. There may be something else misconfigured. Check your configuration and the Apache documentation.
As a reference, the config files I used for testing can be found at: https://github.com/mhutter/stackexchange/tree/master/467654
add a comment |Â
up vote
3
down vote
accepted
First, there is an issue with your .htaccess
file:
- In lines 6-8; you require that the user is authenticated, but only if it's not an
OPTIONS
request. This is fine. - In line 4 however, you require that the user is authenticated as user
usernam
, regardles of the request method (GET, POST, OPTIONS, etc...)
So if you remove line 4 or move it into the LimitExcept
section your config should work.
For more information see the mod_authz_core docs
Second, the error message for the first solution you posted ("The server encountered an internal error or misconfiguration...") hints at an invalid httpd.conf
file. There may be something else misconfigured. Check your configuration and the Apache documentation.
As a reference, the config files I used for testing can be found at: https://github.com/mhutter/stackexchange/tree/master/467654
add a comment |Â
up vote
3
down vote
accepted
up vote
3
down vote
accepted
First, there is an issue with your .htaccess
file:
- In lines 6-8; you require that the user is authenticated, but only if it's not an
OPTIONS
request. This is fine. - In line 4 however, you require that the user is authenticated as user
usernam
, regardles of the request method (GET, POST, OPTIONS, etc...)
So if you remove line 4 or move it into the LimitExcept
section your config should work.
For more information see the mod_authz_core docs
Second, the error message for the first solution you posted ("The server encountered an internal error or misconfiguration...") hints at an invalid httpd.conf
file. There may be something else misconfigured. Check your configuration and the Apache documentation.
As a reference, the config files I used for testing can be found at: https://github.com/mhutter/stackexchange/tree/master/467654
First, there is an issue with your .htaccess
file:
- In lines 6-8; you require that the user is authenticated, but only if it's not an
OPTIONS
request. This is fine. - In line 4 however, you require that the user is authenticated as user
usernam
, regardles of the request method (GET, POST, OPTIONS, etc...)
So if you remove line 4 or move it into the LimitExcept
section your config should work.
For more information see the mod_authz_core docs
Second, the error message for the first solution you posted ("The server encountered an internal error or misconfiguration...") hints at an invalid httpd.conf
file. There may be something else misconfigured. Check your configuration and the Apache documentation.
As a reference, the config files I used for testing can be found at: https://github.com/mhutter/stackexchange/tree/master/467654
answered Sep 11 at 23:46
mhutter
567210
567210
add a comment |Â
add a comment |Â
up vote
0
down vote
The error 401 Unauthorized
means that the HTTP server expects credentials, usually a user name and password. Accoring to the question, you removed the .htacccess
file that requested authentication, so there must be still something in the active configuration that requests authentication.
To provide the credentials, with curl
you can use the option -u, --user <user:password>
(short or long form).
When you get an error 500
, there should be an entry in the Apache logs that explains what king of error occurred.
When something doesn't work, it is generally a good idea to reduce the configuration to the required minimum to find the problem. To do that, comment out lines you think don't cause the problem and try again. Either it starts working, then you know where to look at more closely, or you have a simplified config.
With your config, the header lines probably don't contribute to the problem, but I would first try to get it working without the redirect. When you have a working config, you can add lines until either it breaks again or you have the config you want.
add a comment |Â
up vote
0
down vote
The error 401 Unauthorized
means that the HTTP server expects credentials, usually a user name and password. Accoring to the question, you removed the .htacccess
file that requested authentication, so there must be still something in the active configuration that requests authentication.
To provide the credentials, with curl
you can use the option -u, --user <user:password>
(short or long form).
When you get an error 500
, there should be an entry in the Apache logs that explains what king of error occurred.
When something doesn't work, it is generally a good idea to reduce the configuration to the required minimum to find the problem. To do that, comment out lines you think don't cause the problem and try again. Either it starts working, then you know where to look at more closely, or you have a simplified config.
With your config, the header lines probably don't contribute to the problem, but I would first try to get it working without the redirect. When you have a working config, you can add lines until either it breaks again or you have the config you want.
add a comment |Â
up vote
0
down vote
up vote
0
down vote
The error 401 Unauthorized
means that the HTTP server expects credentials, usually a user name and password. Accoring to the question, you removed the .htacccess
file that requested authentication, so there must be still something in the active configuration that requests authentication.
To provide the credentials, with curl
you can use the option -u, --user <user:password>
(short or long form).
When you get an error 500
, there should be an entry in the Apache logs that explains what king of error occurred.
When something doesn't work, it is generally a good idea to reduce the configuration to the required minimum to find the problem. To do that, comment out lines you think don't cause the problem and try again. Either it starts working, then you know where to look at more closely, or you have a simplified config.
With your config, the header lines probably don't contribute to the problem, but I would first try to get it working without the redirect. When you have a working config, you can add lines until either it breaks again or you have the config you want.
The error 401 Unauthorized
means that the HTTP server expects credentials, usually a user name and password. Accoring to the question, you removed the .htacccess
file that requested authentication, so there must be still something in the active configuration that requests authentication.
To provide the credentials, with curl
you can use the option -u, --user <user:password>
(short or long form).
When you get an error 500
, there should be an entry in the Apache logs that explains what king of error occurred.
When something doesn't work, it is generally a good idea to reduce the configuration to the required minimum to find the problem. To do that, comment out lines you think don't cause the problem and try again. Either it starts working, then you know where to look at more closely, or you have a simplified config.
With your config, the header lines probably don't contribute to the problem, but I would first try to get it working without the redirect. When you have a working config, you can add lines until either it breaks again or you have the config you want.
answered Sep 12 at 6:03
RalfFriedl
4,1151625
4,1151625
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f467654%2fhow-to-make-httpd-response-200-for-options-request%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Is your question about how to configure Apache, or is it about how to provide the credentials in the client (
curl
)?â RalfFriedl
Sep 11 at 5:19
To configure Apache ,then check it with curl.
â scrapy
Sep 11 at 6:48