Returning "200 OK" in Apache on HTTP OPTIONS requests

Posted by i.. on Server Fault See other posts from Server Fault or by i..
Published on 2011-02-06T05:53:18Z Indexed on 2012/09/25 9:39 UTC
Read the original article Hit count: 217

Filed under:
|
|
|

I'm attempting to implement cross-domain HTTP access control without touching any code.

I've got my Apache(2) server returning the correct Access Control headers with this block:

Header set Access-Control-Allow-Origin "*"                   
Header set Access-Control-Allow-Methods "POST, GET, OPTIONS" 

I now need to prevent Apache from executing my code when the browser sends a HTTP OPTIONS request (it's stored in the REQUEST_METHOD environment variable), returning 200 OK.

How can I configure Apache to respond "200 OK" when the request method is OPTIONS?

I've tried this mod_rewrite block, but the Access Control headers are lost.

RewriteEngine On                  
RewriteCond %{REQUEST_METHOD} OPTIONS 
RewriteRule ^(.*)$ $1 [R=200,L]       

© Server Fault or respective owner

Related posts about apache2

Related posts about security