405 Method Not Allowed – but Access-Control-Allow-Methods are set

In the .htaccess I set the Access-Control-Allow-Methods to GET, POST,OPTIONS,DELETE,PUT, but in the response header I can see the Allow header with only POST, DELETE, GET (see screenshot).

Remote Address:xx.xx.xx.xx:80
Request URL:http://example.com/api/v1/session
Request Method:OPTIONS
Status Code:405 Method Not Allowed

Response Headers
Access-Control-Allow-Headers:Content-Type
Access-Control-Allow-Methods:GET,POST,OPTIONS,DELETE,PUT
Access-Control-Allow-Origin:*
Allow:POST, DELETE, GET
Cache-Control:no-cache
Connection:close
Content-Encoding:gzip
Content-Type:text/html; charset=UTF-8
Frame-Options:SAMEORIGIN
Server:Apache/2.2.15 (CentOS)
Vary:Accept-Encoding
X-Frame-Options:SAMEORIGIN

How do I set the Allow Header to accept OPTIONS and PUT too?

Here’s my .htaccess:

Header add Access-Control-Allow-Origin "*"
Header add Access-Control-Allow-Methods: "GET,POST,OPTIONS,DELETE,PUT"
Header add Access-Control-Allow-Headers: "Content-Type"

# Set the default handler.
DirectoryIndex index.php index.html index.htm

# Prevent directory listing
Options -Indexes -MultiViews

<FilesMatch ".(yml|db|twig|md)$">
  <IfModule mod_authz_core.c>
    Require all denied
  </IfModule>
  <IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
  </IfModule>
</FilesMatch>

<IfModule mod_rewrite.c>
  RewriteEngine on

  RewriteRule cache/ - [F]

  # Some servers require the RewriteBase to be set. If so, set to the correct folder.
  # RewriteBase /

  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteCond %{REQUEST_URI} !=/favicon.ico
  RewriteRule ^ ./index.php [L]

</IfModule>


Source: apache

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.