我在我的web服务器上看到一些奇怪的行为。 试图让keeWeb接受来自不同服务器上的webDAV共享文件。 如果我想添加一个WebDAV文件,input的forms为:
https://FQDN:8443/webdav/file.kdbx 我看到以下头(FF开发工具头 – >响应头):
Access-Control-Allow-Origin:"*" Access-Control-Allow-Methods:"GET, HEAD, POST, PUT, OPTIONS, MOVE, DELETE, COPY, LOCK, UNLOCK" Access-Control-Allow-Headers:"origin, content-type, cache-control, accept, authorization, if-match, destination, overwrite" Access-Control-Allow-Credentials:"true"
但是,在networking标签我可以看到一个401:请求方法:选项状态代码:401未经授权
看起来像CORS头被添加,但重写不起作用。 我的Apacheconfiguration:
<Directory /var/www/html/webdav> Header always set Access-Control-Allow-Origin * Header always set Access-Control-Allow-Headers "origin, content-type, cache-control, accept, authorization, if-match, destination, overwrite" Header always set Access-Control-Expose-Headers "ETag" Header always set Access-Control-Allow-Methods "GET, HEAD, POST, PUT, OPTIONS, MOVE, DELETE, COPY, LOCK, UNLOCK" Header always set Access-Control-Allow-Credentials "true" RewriteEngine On RewriteCond %{REQUEST_METHOD} OPTIONS RewriteRule ^(.*)$ $1 [R=200,L] DAV On AuthType Basic AuthName "Authentication Required" AuthUserFile /etc/httpd/.htpasswd Require valid-user </Directory>
我错过了一些东西,或者可能是因为重写在Apache / 2.4.6(CentOS)上不起作用。 我真的不知道如何debugging重写。 有没有办法跟踪这样的事情?
我有完全相同的问题,我一直试图解决这个问题,我只是放弃了。 服务器版本:Apache / 2.4.10(Raspbian)我除了从Keeweb的CORS头部( https://github.com/keeweb/keeweb/wiki/WebDAV-Config )
Alias /KeePass /var/www/KeePass <Directory /var/www/KeePass> DAV On AuthType Digest AuthName "KeePass" AuthUserFile /var/www/passwd.dav <LimitExcept OPTIONS> Require valid-user </LimitExcept> </Directory>