dsyq40772 2018-11-06 01:36
浏览 114

使用Golang,Revel处理飞行前请求

I made API application with Golang + Revel framework

Now I tried to send http request from front end application, made by vue.js.

But because of cors, PUT method cannot be handled.(POST method worked fine now)

In revel, I thought we can set header in app/init.go file, like this

var HeaderFilter = func(c *revel.Controller, fc []revel.Filter) {
c.Response.Out.Header().Add("X-Frame-Options", "SAMEORIGIN")
c.Response.Out.Header().Add("X-XSS-Protection", "1; mode=block")
c.Response.Out.Header().Add("X-Content-Type-Options", "nosniff")
c.Response.Out.Header().Add("Referrer-Policy", "strict-origin-when-cross-origin")

// Add them by myself
c.Response.Out.Header().Add("Access-Control-Allow-Headers", "Origin, Content-Type, Accept")
c.Response.Out.Header().Add("Access-Control-Allow-Origin", "*")
c.Response.Out.Header().Add("Access-Control-Allow-Method", "POST, GET, OPTIONS, PUT, DELETE")
c.Response.Out.Header().Add("Content-Type", "application/json; charset=UTF-8")

fc[0](c, fc[1:]) // Execute the next filter stage.

But still I got 404 error from API and request method is shown as OPTIONS.

How can I set request header to enable to handle every requests ?

  • 写回答

1条回答

  • doufan1899 2019-02-20 12:05
    关注

    Add a filters before revel.PanicFilter

    revel.Filters = []revel.Filter{
        ValidateOrigin,
        revel.PanicFilter,             // Recover from panics and display an error page instead.
        revel.RouterFilter,            // Use the routing table to select the right Action
        revel.FilterConfiguringFilter, // A hook for adding or removing per-Action filters.
        revel.ParamsFilter,            // Parse parameters into Controller.Params.
        IpLimitFilter,
        revel.SessionFilter,           // Restore and write the session cookie.
        revel.FlashFilter,             // Restore and write the flash cookie.
        revel.ValidationFilter,        // Restore kept validation errors and save new ones from cookie.
        revel.I18nFilter,              // Resolve the requested language
        HeaderFilter,
        revel.InterceptorFilter,       // Run interceptors around the action.
        revel.CompressFilter,          // Compress the result.
        revel.BeforeAfterFilter,       // Call the before and after filter functions
        revel.ActionInvoker,           // Invoke the action.
    }

var ValidateOrigin = func(c *revel.Controller, fc []revel.Filter) {
    if c.Request.Method == "OPTIONS" {
        c.Response.Out.Header().Add("Access-Control-Allow-Origin", "*")
        c.Response.Out.Header().Add("Access-Control-Allow-Headers", "Content-Type,AccessToken,X-CSRF-Token, Authorization") //自定义 Header
        c.Response.Out.Header().Add("Access-Control-Allow-Methods", "POST, GET, OPTIONS")
        c.Response.Out.Header().Add("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type")
        c.Response.Out.Header().Add("Access-Control-Allow-Credentials", "true")
        c.Response.SetStatus(http.StatusNoContent)
        // 截取复杂请求下post变成options请求后台处理方法(针对跨域请求检测)
    } else {
        c.Response.Out.Header().Add("Access-Control-Allow-Headers", "Origin, Content-Type, Accept")
        c.Response.Out.Header().Add("Access-Control-Allow-Origin", "*")
        c.Response.Out.Header().Add("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")
        c.Response.Out.Header().Add("Content-Type", "application/json; charset=UTF-8")
        c.Response.Out.Header().Add("X-Frame-Options", "SAMORIGIN")
        c.Response.Out.Header().Add("Vary", "Origin, Access-Control-Request-Method, Access-Control-Request-Headers")

        fc[0](c, fc[1:]) // Execute the next filter stage.
    }
}
...

    Because ajax turns a simple request (single post) request into a secondary request, that is, an options request is first sent to determine whether the domain is allowed, and then the real request post is sent to obtain the result.

    评论

报告相同问题?

悬赏问题

  • ¥15 多电路系统共用电源的串扰问题
  • ¥15 slam rangenet++配置
  • ¥15 有没有研究水声通信方面的帮我改俩matlab代码
  • ¥15 对于相关问题的求解与代码
  • ¥15 ubuntu子系统密码忘记
  • ¥15 信号傅里叶变换在matlab上遇到的小问题请求帮助
  • ¥15 保护模式-系统加载-段寄存器
  • ¥15 电脑桌面设定一个区域禁止鼠标操作
  • ¥15 求NPF226060磁芯的详细资料
  • ¥15 使用R语言marginaleffects包进行边际效应图绘制