example/golang-server-template
Template
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feature: 处理跨域问题

Browse Source
This commit is contained in:
leonmin 2024-07-14 02:26:20 +08:00
parent 08e9ad55ee
commit 0ee76d3c92
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
cmd/api/middleware.go
View File

@ -152,11 +152,10 @@ func (app *application) requirePermission(code string, next http.HandlerFunc) ht
func (app *application) enableCORS(next http.Handler) http.Handler { func (app *application) enableCORS(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Add("Vary", "Origin") w.Header().Add("Vary", "Origin")
w.Header().Add("Vary", "Access-Control-Request-Method") w.Header().Add("Vary", "Access-Control-Request-Method")
origin := r.Header.Get("Origin") origin := r.Header.Get("Origin")
if origin != "" { if origin != "" && len(app.config.cors.trustedOrigins) != 0 {
for i := range app.config.cors.trustedOrigins { for i := range app.config.cors.trustedOrigins {
if origin == app.config.cors.trustedOrigins[i] { if origin == app.config.cors.trustedOrigins[i] {
w.Header().Set("Access-Control-Allow-Origin", origin) w.Header().Set("Access-Control-Allow-Origin", origin)
@ -169,6 +168,14 @@ func (app *application) enableCORS(next http.Handler) http.Handler {
break break
} }
} }
} else {
w.Header().Set("Access-Control-Allow-Origin", "*")
if r.Method == http.MethodOptions && r.Header.Get("Access-Control-Request-Method") != "" {
w.Header().Set("Access-Control-Allow-Methods", "OPTIONS, PUT, PATCH, DELETE")
w.Header().Set("Access-Control-Allow-Headers", "Authorization, Content-Type")
w.WriteHeader(http.StatusOK)
return
}
} }
next.ServeHTTP(w, r) next.ServeHTTP(w, r)
}) })