为什么我的 Web 服务器软件不允许 PUT 和 DELETE 请求? [英] Why does my web server software disallow PUT and DELETE requests?

问题描述

我正在尝试实现 REST 协议，并在尝试调试时意识到我的 Web 服务器不允许 PUT 请求.

I am trying to implement a REST protocol and have realized in trying to debug that my web server is disallowing the PUT request.

我已经通过运行进一步测试并确认了这一点:

I have tested and confirmed this further by running:

curl -X PUT  http://www.mywebserver.com/testpage

我的网络服务器返回一个403 - 禁止错误.

Which for my web server gives back a 403 - Forbidden error.

对于 DELETE 也是如此，而对于 POST 和 GET 一切都很好.

The same happens for DELETE, where as for POST and GET everything is fine.

我想知道这是否是使用 REST 的人遇到的常见问题以及可能的解决方法是什么?

I am wondering if this is a common issue that those who use REST encounter and what the work-around might be?

我可以对 .htaccess 文件做一个简单的更改吗?还是需要修改协议在POST查询字符串中设置隐藏变量_method"?

Could I make a simple change to an .htaccess file? Or do I need to modify the protocol to set a hidden variable "_method" in the POST query string?

推荐答案

Web 服务器通常会被配置为阻止除 GET 和 POST 之外的任何内容，因为99% 的情况下，它们都是需要的，并且出现了问题过去假设请求是这两个请求之一的应用程序.

Often web servers will be configured to block anything except GET and POST since 99% of the time they're all that are needed and there have been problems in the past with applications assuming the requests were one of those two.

您不说它是哪个服务器，但是，例如，您可以告诉 Apache 哪个指令允许的方法:

You don't say which server it is but, for example, you can tell Apache which methods to allow with the directive:

例如:

<Limit POST PUT DELETE>
  Require valid-user
</Limit>

听起来可能是一些有用的系统管理员使用它来阻止非 GET/POST

It sounds like maybe some helpful sysadmin has used this to block non GET/POST

你可以用

<Limit GET POST PUT DELETE>
  Allow from all
</Limit>

(我不是 apache 专家，这可能不完全正确)

(I'm not an expert at apache, this may not be exactly correct)

这篇关于为什么我的 Web 服务器软件不允许 PUT 和 DELETE 请求?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！