CORS Cross Origin Resource Sharing preflight fails

Alles, was den Apache betrifft, kann hier besprochen werden.

CORS Cross Origin Resource Sharing preflight fails

Postby sirio81 » 20. April 2018 08:14

Good Morning, I'm trying to configure apache to allow CORS request from a web application towards a virtual host running nextcloud.
So far, I didn't find good documnetation for the server side configuration.

This is the ajax code sending the request:

Code: Select all
var xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.open("GET", "https://cloud.domain.com/remote.php/webdav/path/to/my/file.7z");
console.log('open x');
xhr.setRequestHeader("content-type", "application/txt");
xhr.setRequestHeader("authorization", "Basic 3j893njd83jneu32");


And this is the apache configuration:

Code: Select all
<VirtualHost *:443>
Header set Access-Control-Allow-Origin 'https://example.callingdomain.com'
Header set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header set Access-Control-Allow-Credentials "true"
Header set Access-Control-Allow-Headers "x-requested-with, content-type, origin, authorization, accept, client-security-token"
...
</VirtualHost>


- Is it correct to insert Header statments under <VirtualHost> ?
- I don't know how to hanlde cors autentication server side. Is Access-Control-Allow-Credentials "true" sufficinet?
- Is there apache official documentation about cors?
- Any other suggestion is very welcome.


I'll report the client error messages as soon ad I can get them in english.
Anyway, the preflight request is failing.
I get no log in apache even setting debug level.

Thank you very much.
sirio81
 
Posts: 1
Joined: 20. April 2018 07:53
XAMPP version: 1
Operating System: debian

Return to Apache

Who is online

Users browsing this forum: No registered users and 2 guests