doupo5178 2019-08-16 13:34
浏览 536

在golang服务器中面临CORS问题

I have written this code in my Go server:

func main() {
    r := chi.NewRouter()
    cors := cors.New(cors.Options{
        AllowedOrigins:     []string{"*"},
        AllowOriginFunc:    func(r *http.Request, origin string) bool { return true },
        AllowedMethods:     []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
        AllowedHeaders:     []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token"},
        ExposedHeaders:     []string{"Link"},
        AllowCredentials:   true,
        OptionsPassthrough: true,
        MaxAge:             3599, // Maximum value not ignored by any of major browsers
    })
    flag.Parse()

    // A good base middleware stack
    r.Use(cors.Handler)
    r.Use(middleware.RequestID)
    r.Use(middleware.Logger)
    r.Use(middleware.Recoverer)
    r.Use(middleware.URLFormat)
    r.Use(render.SetContentType(render.ContentTypeJSON))
    r.Use(middleware.Timeout(60 * time.Second))

    r.Group(func(r chi.Router) {

        r.Route("/api", func(r chi.Router) {
            r.Route("/items", func(r chi.Router) {
                r.Get("/", allItems)
                r.Route("/{barcode}", func(r chi.Router) {
                    r.Get("/", getItem)
                    r.Put("/", updateItem)
                })
                r.Post("/", postItem)
                r.Delete("/", deleteItem)
            })

            r.Route("/sale_lines", func(r chi.Router) {
                //  r.Use(cors.Handler)
                r.Post("/", postSales)
                r.Put("/", updateSales)
                r.Delete("/", deleteSales)

            })
        })
    })
    http.ListenAndServe(":8080", r)
}

I am facing the problem that when I am calling the api from my react app, it is giving me an error like this:

Access to XMLHttpRequest at 'http://localhost:8080/api/sale_lines' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.

What problem is there which I am missing?

  • 写回答

1条回答

  • doujing3896 2019-08-17 04:40
    关注

    Your mistake must be in some of your middleware. The probe and your code works fine, just change the name of AllowOriginFunc from the CORS options to AllowOriginRequestFunc

    Server code:

    package main

import (
    "net/http"

    "github.com/go-chi/chi"
    "github.com/rs/cors"
)

func main() {
    r := chi.NewRouter()
    cors := cors.New(cors.Options{
        AllowedOrigins:         []string{"*"},
        AllowOriginRequestFunc: func(r *http.Request, origin string) bool { return true },
        AllowedMethods:         []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
        AllowedHeaders:         []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token"},
        ExposedHeaders:         []string{"Link"},
        AllowCredentials:       true,
        OptionsPassthrough:     true,
        MaxAge:                 3599, // Maximum value not ignored by any of major browsers
    })

    r.Use(cors.Handler)

    r.Get("/", func(w http.ResponseWriter, r *http.Request) {
        w.Write([]byte("Hello World"))
    })
    http.ListenAndServe(":8080", r)
}

    I tested it using XMLHttpRequest:

    <div id="root"></div>
<script>
  var req = new XMLHttpRequest();
  req.open("GET", "http://localhost:8080/", false);
  req.onload = function(event) {
    if (req.readyState == 4 && req.status == 200)
      document.getElementById("root").innerText = req.responseText;
  };
  req.send();
</script>
    评论

报告相同问题?

悬赏问题

  • ¥50 易语言把MYSQL数据库中的数据添加至组合框
  • ¥20 求数据集和代码#有偿答复
  • ¥15 关于下拉菜单选项关联的问题
  • ¥20 java-OJ-健康体检
  • ¥15 rs485的上拉下拉,不会对a-b<-200mv有影响吗,就是接受时,对判断逻辑0有影响吗
  • ¥15 使用phpstudy在云服务器上搭建个人网站
  • ¥15 应该如何判断含间隙的曲柄摇杆机构,轴与轴承是否发生了碰撞?
  • ¥15 vue3+express部署到nginx
  • ¥20 搭建pt1000三线制高精度测温电路
  • ¥15 使用Jdk8自带的算法,和Jdk11自带的加密结果会一样吗,不一样的话有什么解决方案,Jdk不能升级的情况