CORS on subversion edge

prashants
prashants
Hi  Need help to setup CORS on subversion edge , I have tried updating httpd.conf with following setting but after the changes subversion server do not start without logging any error ,    Header always set Access-Control-Allow-Origin "*"   Header always set Access-Control-Max-Age "1000" Header always set Access-Control-Allow-Headers "X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding" Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"   RewriteEngine On RewriteCond %{REQUEST_METHOD} OPTIONS RewriteRule ^(.*)$ blank.php [QSA,L]   

Last updated

DougR
DougR
In general I strongly discourage using the specific HTTP operations (POST, GET, OPTIONS, etc.) for limiting operations within a Subversion repository: I've seen too many different organizations try and fail at doing this. Typos, missing operations, unnecessary operations, etc. And all of that is subject to internal changes to Subversion implementation changing the operations-set between releases.  I encourage the use of the "authz" file that Subversion enables. The format of this file is much easier to get correct and, more importantly, states exactly who gets what permissions to do what. You can do that at the repository level or, if necessary, sub-repository path level.  See here: http://svnbook.red-bean.com/en/1.8/svn.serverconfig.pathbasedauthz.html  An Apache configuration would look like:  
<Location /svn>     DAV svn     SVNParentPath /opt/repo     SVNListParentPath On     AuthType Basic     AuthBasicProvider ldap     AuthName "SVN Repo"     AuthLDAPURL "ldap://f.q.d.n/bindDN?uid"     Require valid-user     AuthzSVNAccessFile /some/path/ApacheAuthZ.conf   </Location>
 
prashants
prashants
Thanks ...will using ApacheAuthZ.conf enable the CORS

1-6 of 6

Reply to this discussion

You cannot edit posts or make replies: You should be logged in before you can post.