updated on Thu Jan 19 04:14:35 UTC 2012

[aur-mirror.git] / carddavmate / httpd-carddavmate.conf

                <Directory "/srv/http/carddavmate/">
                        AuthUserFile /srv/http/carddavmate/htpasswd
                        AuthType Basic
                        AuthName "password, please"
                        Require valid-user
                </Directory>

                <FilesMatch "htpasswd">
                         Order allow,deny
                         Deny from all
                         Satisfy All
                 </FilesMatch>

        RewriteEngine On
        <IfModule mod_headers.c>
                Header unset Access-Control-Allow-Origin
                Header unset Access-Control-Allow-Methods
                Header unset Access-Control-Allow-Headers
                Header unset Access-Control-Allow-Credentials

# Set the Allow-Origin to the server name under which carddavmate is accessible, i.e. for https://www.example.com/carddavmate set it to "https://www.example.com". This file is not needed if you have carddavmate and davical accessible through the same server domain name. Important: it matters whether you set this to http or https, depending on how you access carddavmate
                Header always set Access-Control-Allow-Origin "https://www.example.com"
                Header always set Access-Control-Allow-Methods "GET,POST,OPTIONS,PROPFIND,REPORT,PUT,DELETE"
                Header always set Access-Control-Allow-Headers "User-Agent,Authorization,Content-type,Depth,If-match,If-None-Match,X-client"
                Header always set Access-Control-Allow-Credentials true

                RewriteCond %{REQUEST_METHOD} OPTIONS
                RewriteRule ^(.*)$ $1 [R=200,L]
        </IfModule>