diff --git a/src/auth.rs b/src/auth.rs
index 5752fe9..e19bc16 100644
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -82,6 +82,11 @@ impl AccessControl {
         if self.rules.is_empty() {
             return GuardType::ReadWrite;
         }
+
+        if method == Method::OPTIONS {
+            return GuardType::ReadOnly;
+        }
+
         let mut controls = vec![];
         for path in walk_path(path) {
             if let Some(control) = self.rules.get(path) {
diff --git a/tests/auth.rs b/tests/auth.rs
index 5aa2eef..83b6434 100644
--- a/tests/auth.rs
+++ b/tests/auth.rs
@@ -35,6 +35,16 @@ fn auth_skip(#[with(&["--auth", "/@user:pass@*"])] server: TestServer) -> Result
     Ok(())
 }
 
+#[rstest]
+fn auth_skip_on_options_method(
+    #[with(&["--auth", "/@user:pass"])] server: TestServer,
+) -> Result<(), Error> {
+    let url = format!("{}index.html", server.url());
+    let resp = fetch!(b"OPTIONS", &url).send()?;
+    assert_eq!(resp.status(), 200);
+    Ok(())
+}
+
 #[rstest]
 fn auth_readonly(
     #[with(&["--auth", "/@user:pass@user2:pass2", "-A"])] server: TestServer,