I have a API-server (gin-gonic) running on localhost:8080. All the typical CORS-Header are set for debugging: When I try to test the API with a simple Frontend (swagger-ui) i get a CORS-error. (swagger is running on localhost:9090)
It works when everything is running on the same domain.
c.Writer.Header().Set("Access-Control-Allow-Origin", "*")
c.Writer.Header().Set("Access-Control-Allow-Headers", "*")
c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT")
why is this not working. Should the 3 lines not keep all CORS problems away?
Im super curious for actual explanations rather than a plain solution. All resources regarding this (or a good one about CORS) are welcome.
It works fine in Postman or CURL