duanjunao9348 2017-06-12 02:22
浏览 31
已采纳

标头http未传送到我的API

I am developing an API restful in Go and my frontend in Angular (no AngularJS), but when I call my API from my Web App in Angular I do not see my headers in my backend, in special case my authorization header, because my API has authentication based in JWT.

Also I want to mention that I am using Postman and Go Request client to test my app and my headers are delivered in my API without problems.

Attached below is the CORS of my backend and the API call from my frontend.

My backend:

func Cors() gin.HandlerFunc {
    log.Println("CORS Middleware")
    return func(c *gin.Context) {
        c.Writer.Header().Add("Access-Control-Allow-Origin", "*")
        c.Next()
    }
}

My Frontend:

getData() {

const auth = `Bearer ${this.token}`;

const headers = new Headers({
  'Access-Control-Allow-Origin': '*',
  'Accept': 'application/json',
  'Authorization': auth,
});

const options = new RequestOptions(headers);

console.log(headers); //Here I can see 

const products = this.http.get('localhost:8000/api/products', options )
                .subscribe((response: Response) => {
                  this.data = response.json();
                });
return products;
}

Thanks and sorry for my english, I think that my CORS causes problems.

  • 写回答

1条回答 默认 最新

  • doushu8260 2017-06-12 02:34
    关注

    Instead of

    const options = new RequestOptions(headers);
    

    Do:

    const options = new RequestOptions({ headers: headers });
    

    The constructor for RequestOptions requires a RequestOptionsArgs, not a Headers.


    Also, it seems you are not quite understanding CORS. You don't really need to send any header from the front-end to the back end (the browser will append what you need automatically when it notices it is a CORS request). Those headers (Access-Control-Allow-Origin) should be sent by the server only.

    For your back-end, here's an improved suggestion (should handle most cases):

    func Cors() gin.HandlerFunc {
        log.Println("CORS Middleware")
        return func(c *gin.Context) {
            c.Writer.Header().Set("Access-Control-Allow-Origin", "*")
            c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, UPDATE")
            c.Writer.Header().Set("Access-Control-Allow-Headers", "Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
            c.Writer.Header().Set("Access-Control-Expose-Headers", "Content-Length")
            c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
            c.Writer.Header().Set("Access-Control-Max-Age", "86400")
            // c.Writer.Header().Set("Content-Type", "application/json") // uncomment if needed
    
             if c.Request.Method == "OPTIONS" {
                 fmt.Println("OPTIONS")
                 c.AbortWithStatus(200)
             } else {
                 c.Next()
             }
        }
    }
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 求差集那个函数有问题,有无佬可以解决
  • ¥15 【提问】基于Invest的水源涵养
  • ¥20 微信网友居然可以通过vx号找到我绑的手机号
  • ¥15 寻一个支付宝扫码远程授权登录的软件助手app
  • ¥15 解riccati方程组
  • ¥15 display:none;样式在嵌套结构中的已设置了display样式的元素上不起作用?
  • ¥15 使用rabbitMQ 消息队列作为url源进行多线程爬取时,总有几个url没有处理的问题。
  • ¥15 Ubuntu在安装序列比对软件STAR时出现报错如何解决
  • ¥50 树莓派安卓APK系统签名
  • ¥65 汇编语言除法溢出问题