405 Method Not Allowed – strict-origin-when-cross-origin IIS8

  Kiến thức lập trình

I do web design, I don’t know a lot about web servers beyond basics.

I am using Joomla 4 and Yootheme Pro 4 on an IIS 8.5 server. When I try to delete items fro “My Layouts” they don’t get deleted.

When I use the browser inspector I get the errors below.

405 Method Not Allowed
strict-origin-when-cross-origin

DELETE https://www.example.com/administrator/index.php?option=com_ajax&p=builder%2Flibrary&templateStyle=14&id=INFrqvsK 405 (Method Not Allowed)
(anonymous)             @   customizer.min.js?4.3.13:3
rA                  @   customizer.min.js?4.3.13:3
fetch                   @   customizer.min.js?4.3.13:4
delete                  @   customizer.min.js?4.3.13:4
deleteElement           @   customizer.min.js?4.3.13:135
q                   @   customizer.min.js?4.3.13:166
Promise.then (async)        
b                   @   customizer.min.js?4.3.13:166
e.trigger           @   customizer.min.js?4.3.13:166
installed.e.$trigger    @   customizer.min.js?4.3.13:166
deleteElement           @   customizer.min.js?4.3.13:118
click                   @   customizer.min.js?4.3.13:118
(anonymous)         @   customizer.min.js?4.3.13:109
await in (anonymous) (async)        
Rn                  @   customizer.min.js?4.3.13:3
r                   @   customizer.min.js?4.3.13:3
Ex.o._wrapper          @   customizer.min.js?4.3.13:3

My web.config file

    <?xml version="1.0" encoding="UTF-8"?>
    <configuration>
    <system.webServer>
       <directoryBrowse enabled="false" />
       <rewrite>
           <rules>
               <rule name="Joomla! Common Exploits Prevention" stopProcessing="true">
                   <match url="^(.*)$" ignoreCase="false" />
                   <conditions logicalGrouping="MatchAny">
                       <add input="{QUERY_STRING}" pattern="base64_encode[^(]*([^)]*)" ignoreCase="false" />
                       <add input="{QUERY_STRING}" pattern="(>|%3C)([^s]*s)+cript.*(<|%3E)" />
                       <add input="{QUERY_STRING}" pattern="GLOBALS(=|[|%[0-9A-Z]{0,2})" ignoreCase="false" />
                       <add input="{QUERY_STRING}" pattern="_REQUEST(=|[|%[0-9A-Z]{0,2})" ignoreCase="false" />
                   </conditions>
                   <action type="CustomResponse" url="index.php" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
               </rule>
               <rule name="Joomla! API Application SEF URLs">
                   <match url="^api/(.*)" ignoreCase="false" />
                   <conditions logicalGrouping="MatchAll">
                     <add input="{URL}" pattern="^/api/index.php" ignoreCase="true" negate="true" />
                     <add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
                     <add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
                   </conditions>
                   <action type="Rewrite" url="api/index.php" />
               </rule>
               <rule name="Joomla! Public Frontend SEF URLs">
                   <match url="(.*)" ignoreCase="false" />
                   <conditions logicalGrouping="MatchAll">
                     <add input="{URL}" pattern="^/index.php" ignoreCase="true" negate="true" />
                     <add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
                     <add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
                   </conditions>
                   <action type="Rewrite" url="index.php" />
               </rule>
           </rules>
       </rewrite>


        <handlers>
            <clear />
            <add name="php-8.1.12" path="*.php" verb="GET,HEAD,POST" type="" modules="FastCgiModule" scriptProcessor="C:Program Files (x86)PHPphp-8.1.12-nts-Win32-vs16-x64php-cgi.exe" resourceType="Either" requireAccess="Script" allowPathInfo="false" preCondition="" responseBufferLimit="4194304" />
            <add name="PHPHTML" path="*.html" verb="*" type="" modules="CgiModule" scriptProcessor="C:Program Files (x86)PHPphp-8.1.12-nts-Win32-vs16-x64php-cgi.exe" resourceType="File" requireAccess="Script" allowPathInfo="false" preCondition="bitness32" responseBufferLimit="4194304" />
            <add name="CGI-exe" path="*.exe" verb="*" type="" modules="CgiModule" scriptProcessor="" resourceType="File" requireAccess="Execute" allowPathInfo="true" preCondition="" responseBufferLimit="4194304" />
            <add name="TRACEVerbHandler" path="*" verb="TRACE" type="" modules="ProtocolSupportModule" scriptProcessor="" resourceType="Unspecified" requireAccess="None" allowPathInfo="false" preCondition="" responseBufferLimit="4194304" />
            <add name="OPTIONSVerbHandler" path="*" verb="OPTIONS" type="" modules="ProtocolSupportModule" scriptProcessor="" resourceType="Unspecified" requireAccess="None" allowPathInfo="false" preCondition="" responseBufferLimit="4194304" />
            <add name="StaticFile" path="*" verb="*" type="" modules="StaticFileModule,DefaultDocumentModule,DirectoryListingModule" scriptProcessor="" resourceType="Either" requireAccess="Read" allowPathInfo="false" preCondition="" responseBufferLimit="4194304" />
        </handlers>
        <defaultDocument>
            <files>
                <clear />
                <add value="index.php" />
                <add value="index.html" />
            </files>
        </defaultDocument>
        <httpProtocol>
            <customHeaders>
                <remove name="Content-Security-Policy" />
                <remove name="EXPECT-CT" />
                <remove name="Permissions-Policy" />
                <remove name="Referrer-Policy" />
                <remove name="Strict-Transport-Security" />
                <remove name="X-Content-Type-Options" />
                <remove name="X-Frame-Options" />
                <remove name="X-Powered-By" />
                <remove name="X-XSS-Protection" />
            </customHeaders>
        </httpProtocol>
        <caching>
            <profiles>
                <remove extension=".png, .jpg, .svg" />
                <add extension=".jpg, .png, .svg" policy="CacheUntilChange" kernelCachePolicy="DontCache" />
            </profiles>
        </caching>
        <staticContent>
            <mimeMap fileExtension=".webp" mimeType="image/jpeg" />
        </staticContent>
    </system.webServer>
    </configuration>

Handler mappings

I have read quite a few threads on here and other websites, but I don;t know what to add/delete/change.

I tried suggestions from this page with no change – 405 Method not allowed error in angularjs http Post request with IIS 8.5.

LEAVE A COMMENT