beego解决跨域问题:options请求、axios post请求跨域问题

2020-10-16 11:02:49 浏览数 (2)

根据网上的资料配置,还是未能解决跨域的问题,错误如下:

代码语言:javascript复制
has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.

网上的配置如下:

代码语言:javascript复制
	beego.InsertFilter("/*", beego.BeforeRouter, cors.Allow(&cors.Options{
		AllowAllOrigins:  true,
		AllowMethods:     []string{"*"},
		AllowHeaders:     []string{"*"},
		AllowCredentials: true,
	}))

正确的配置(2020-05-10 依然不能完全解决)

代码语言:javascript复制
	beego.InsertFilter("/*", beego.BeforeRouter, cors.Allow(&cors.Options{
		AllowOrigins:     []string{"*"},
		AllowMethods:     []string{"*"},
		AllowHeaders:     []string{"*"},
		AllowCredentials: true,
	}))

2020-05-10:上面的配置,在碰到options请求的时候,依然还是会提示跨域问题:

代码语言:javascript复制
Request header field Content-Type is not allowed by Access-Control-Allow-Headers in preflight response

The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.

等等报错。

解决

既然用这些配置没法解决,那就自己撸一个吧。

cors_filter.go

代码语言:javascript复制
var success = []byte("SUPPORT OPTIONS")

var corsFunc = func(ctx *context.Context) {
	origin := ctx.Input.Header("Origin")
	ctx.Output.Header("Access-Control-Allow-Methods", "OPTIONS,DELETE,POST,GET,PUT,PATCH")
	ctx.Output.Header("Access-Control-Max-Age", "3600")
	ctx.Output.Header("Access-Control-Allow-Headers", "X-Custom-Header,accept,Content-Type,Access-Token")
	ctx.Output.Header("Access-Control-Allow-Credentials", "true")
	ctx.Output.Header("Access-Control-Allow-Origin", origin)
	if ctx.Input.Method() == http.MethodOptions {
		// options请求,返回200
		ctx.Output.SetStatus(http.StatusOK)
		_ = ctx.Output.Body(success)
	}
}

func init() {
	beego.InsertFilter("/*", beego.BeforeRouter, corsFunc)
}
复制代码

加了这个配置之后,跨域总算解决了。

0 人点赞