Article

  • 9 months

    9 months

    YetiShare / Core

    862

Direct File Server - Upload Error - OPTIONS Method Blocked - CORS

Issue:

On upload you see the following error:

ERROR: There was a server problem when attempting the upload, please try again later.

Using dev tools in Chrome (press F12) you see the following:

VM1363:1 OPTIONS http://cdn2.yoursite.com/core/page/ajax/file_upload_handler.ajax.php?r=yoursite.com&p=http&csaKey1=7cb06eb0937fc364b365ebfcdc699a0146b1716ee89e4d47ce67587eca411ab7&csaKey2=30569f5fb1ddef2d6566ef04274b6171a13513853d7a5be1b55d65d12e8fe879 404 (Not Found)

Failed to load http://cdn2.yoursite.com/core/page/ajax/file_upload_handler.ajax.php?r=yoursite.com&p=http&csaKey1=7cb06eb0937fc364b365ebfcdc699a0146b1716ee89e4d47ce67587eca411ab7&csaKey2=30569f5fb1ddef2d6566ef04274b6171a13513853d7a5be1b55d65d12e8fe879: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://yoursite.com' is therefore not allowed access. The response had HTTP status code 404.

Fix:

This is due to your file server blocking the OPTIONS http method. You will need to allow this method within your Apache configuration and ensure you have nothing like mod_security blocking this method.

For Apache on DirectAdmin:

nano /usr/local/directadmin/data/users/cdn1/httpd.conf

Add the following to the vhost, directory section:

AllowMethods GET HEAD POST OPTIONS DELETE PUT

Restart Apache after these changes.

Example:

<VirtualHost 1.1.1.1:80 >
<Directory /home/cdn1/domains/yoursite.com/public_html>
AllowOverride AuthConfig FileInfo Indexes Limit Options=Indexes,IncludesNOEXEC,MultiViews,SymLinksIfOwnerMatch,FollowSymLinks,None
Options -ExecCGI -Includes +IncludesNOEXEC
AllowMethods GET HEAD POST OPTIONS DELETE PUT
</Directory>
</VirtualHost>

Log Locations & Sample Apache Error:

tail /var/log/httpd/domains/yoursite.com.cdn1.error.log

[Thu Jan 18 03:12:17.301807 2018] [allowmethods:error] [pid 24109] [client 212.159.20.229:61735] AH01623: client method denied by server configuration: 'OPTIONS' to /home/cdn1/domains/streamleo.com/public_html/cdn1/core/page/ajax/file_upload_handler.ajax.php