问题描述
我为我的api文档实施了wswagger,它在本地主机上的其他端口上运行,而我的应用程序在8888端口上运行。我已经实现了cors https://github.com/rs/cors
我实现cors的代码是
var Router = func() *mux.Router{
router := mux.NewRouter()
var c = cors.New(cors.Options{
AllowedOrigins: []string{"*"},AllowCredentials: true,AllowedMethods :[]string{"POST","PUT","GET","DELETE","OPTIONS"},AllowedHeaders: []string{"Accept","Authorization","Content-Type","X-CSRF-Token"},MaxAge: 300,// Enable Debugging for testing,consider disabling in production
Debug: true,})
RegisterHandler := http.HandlerFunc(controllers.Register)
router.Handle("/api/register",c.Handler(middleware.RequestValidator(RegisterHandler,reflect.TypeOf(dto.UserRequest{})))).Methods("POST")
fmt.Println("var1 = ",reflect.TypeOf(router))
return router
}
在遇到邮递员的请求时,代码似乎运行正常
邮递员响应标题
access-control-allow-credentials →true
access-control-allow-origin →*
content-length →123
content-type →application/json
date →Wed,14 Oct 2020 04:02:37 GMT
vary →Origin
由于我在实现控制台上打印的cors中间件日志时启用了调试,如下所示:
控制台日志
[cors] 2020/10/14 09:32:37 Handler: Actual request
[cors] 2020/10/14 09:32:37 Actual response added headers: map[Access-Control-Allow-Credentials:[true] Access-Control-Allow-Origin:[*] vary:[Origin]]
问题
当我在浏览器中从Swagger-UI访问相同的API时,我遇到了更麻烦的问题,即未设置“ Access-Control-Allow-Origin”标头
Access to fetch at 'http://localhost:8888/api/register' from origin 'http://localhost:45601' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs,set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
控制台上没有打印日志。
似乎从Swagger UI访问API时,无法访问cors中间件代码。
这是大招响应的Bowser网络呼叫详细信息
HTTP方法=选项
常规
Request URL: http://localhost:8888/api/register
Request Method: OPTIONS
Status Code: 405 Method Not Allowed
Remote Address: [::1]:8888
Referrer Policy: strict-origin-when-cross-origin
响应标题
Content-Length: 0
Date: Wed,14 Oct 2020 04:25:23 GMT
请求标头
Accept: */*
Accept-Encoding: gzip,deflate,br
Accept-Language: en-US,en-IN;q=0.9,en;q=0.8
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Cache-Control: no-cache
Connection: keep-alive
Host: localhost:8888
Origin: http://localhost:45601
Pragma: no-cache
Referer: http://localhost:45601/
Sec-Fetch-Dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML,like Gecko) Chrome/85.0.4183.121 Safari/537.36
常规
Request URL: http://localhost:8888/api/register
Referrer Policy: strict-origin-when-cross-origin
请求标头
Provisional headers are shown
accept: application/json
Content-Type: application/json
Referer: http://localhost:45601/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML,like Gecko) Chrome/85.0.4183.121 Safari/537.36
谢谢!
解决方法
您需要在路由器上允许OPTIONS
方法。
https://github.com/abhimanyu1990/go-connect/blob/main/app/conf/router.configuration.go#L30
router.Handle("/api/register",c.Handler(middleware.RequestValidator(RegisterHandler,reflect.TypeOf(dto.UserRequest{})))).Methods("POST","OPTIONS")