Contents
gin
1
2package handler
3
4import (
5 "github.com/gin-gonic/gin"
6 "net/http"
7)
8
9func Cors() gin.HandlerFunc {
10 return func(c *gin.Context) {
11 method := c.Request.Method //请求方法
12 origin := c.Request.Header.Get("Origin") //请求头部
13 originDomains := []string{"http://localhost:3000"}
14 inArraysFlag := false
15 for _, value := range originDomains {
16 if origin == value {
17 inArraysFlag = true
18 break
19 }
20 }
21 if origin != "" && inArraysFlag {
22 // 这是允许访问所有域
23 c.Header("Access-Control-Allow-Origin", origin)
24 //服务器支持的所有跨域请求的方法,为了避免浏览次请求的多次'预检'请求
25 c.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE,UPDATE")
26 // header的类型
27 c.Header("Access-Control-Allow-Headers", "Authorization, Content-Length, X-CSRF-Token, Token,session,X_Requested_With,Accept, Origin, Host, Connection, Accept-Encoding, Accept-Language,DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Pragma")
28 // 允许跨域设置 可以返回其他子段
29 c.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers,Cache-Control,Content-Language,Content-Type,Expires,Last-Modified,Pragma,FooBar")
30 // 跨域关键设置 让浏览器可以解析
31 c.Header("Access-Control-Max-Age", "172800")
32 // 缓存请求信息 单位为秒
33 c.Header("Access-Control-Allow-Credentials", "false")
34 // 跨域请求是否需要带cookie信息 默认设置为true
35 c.Set("content-type", "application/json")
36 // 设置返回格式是json
37 }
38 //放行所有OPTIONS方法
39 if method == "OPTIONS" {
40 c.JSON(http.StatusOK, "Options Request!")
41 }
42 // 处理请求
43 c.Next() // 处理请求
44 }
45}
46func CorsHandler() gin.HandlerFunc {
47 return func(c *gin.Context) {
48 method := c.Request.Method
49 origin := c.Request.Header.Get("Origin")
50 if origin != "" {
51 c.Header("Access-Control-Allow-Origin", origin)
52 c.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, UPDATE")
53 c.Header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Authorization")
54 c.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Cache-Control, Content-Language, Content-Type")
55 c.Header("Access-Control-Allow-Credentials", "false")
56 c.Set("content-type", "application/json")
57 }
58 if method == "OPTIONS" {
59 c.AbortWithStatus(http.StatusNoContent)
60 }
61 c.Next()
62 }
63}
64
65
