从 go-swagger UI 访问 API 时 Golang 中的 CORS 问题

首页课程实战体系课手记专栏慕课教程

从 go-swagger UI 访问 API 时 Golang 中的 CORS 问题

我已经为我的 API 文档实现了 go-swagger，该文档在我的本地主机上的不同端口上运行，我的应用程序在端口 8888 上运行。我已经实现了 cors https://github.com/rs/cors

我实现 cors 的代码是

var Router = func() *mux.Router{

router := mux.NewRouter()

var c = cors.New(cors.Options{

AllowedOrigins: []string{"*"},

AllowCredentials: true,

AllowedMethods :[]string{"POST", "PUT","GET","DELETE","OPTIONS"},

AllowedHeaders: []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token"},

MaxAge: 300,

// Enable Debugging for testing, consider disabling in production

Debug: true,

})

RegisterHandler := http.HandlerFunc(controllers.Register)

router.Handle("/api/register",c.Handler(middleware.RequestValidator(RegisterHandler,reflect.TypeOf(dto.UserRequest{})))).Methods("POST")

fmt.Println("var1 = ", reflect.TypeOf(router))

return router

}

当从 Postman 发出请求时，似乎代码运行良好

邮递员响应标头

access-control-allow-credentials →true

access-control-allow-origin →*

content-length →123

content-type →application/json

date →Wed, 14 Oct 2020 04:02:37 GMT

vary →Origin

由于我在实现我的控制台上打印的 cors 中间件日志时启用了调试，如下所示

控制台日志

[cors] 2020/10/14 09:32:37 Handler: Actual request

[cors] 2020/10/14 09:32:37 Actual response added headers: map[Access-Control-Allow-Credentials:[true] Access-Control-Allow-Origin:[*] Vary:[Origin]]

问题

当我在浏览器中从 Swagger-UI 访问相同的 API 时，我遇到了未设置“Access-Control-Allow-Origin”标头的问题

Access to fetch at 'http://localhost:8888/api/register' from origin 'http://localhost:45601' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

并且控制台上没有打印日志。

从 Swagger UI 访问 API 时，似乎无法访问 cors 中间件代码。

这是 swagger 响应的 Bowser 网络调用详细信息

犯罪嫌疑人X

浏览 254回答 2

2回答

沧海一幻觉

您需要OPTIONS在路由器上允许方法。https://github.com/abhimanyu1990/go-connect/blob/main/app/conf/router.configuration.go#L30router.Handle("/api/register", c.Handler(middleware.RequestValidator(RegisterHandler, reflect.TypeOf(dto.UserRequest{})))).Methods("POST", "OPTIONS")

0 0

万千封印

当我尝试启用 CORS 并在 Go 中写入标头时，这很烦人。最后，我创建了一个包装 ResponseWriter 的结构来检测标头是否已经写入并且它工作正常。package routerimport (    "log"    "net/http")const (    noWritten     = -1    defaultStatus = http.StatusOK)type ResponseWriter struct {    writer http.ResponseWriter    size   int    status int}func (w *ResponseWriter) Writer() http.ResponseWriter {    return w.writer}func (w *ResponseWriter) WriteHeader(code int) {    if code > 0 && w.status != code {        if w.Written() {            log.Printf("[WARNING] Headers were already written. Wanted to override status code %d with %d", w.status, code)        }        w.status = code    }}func (w *ResponseWriter) WriteHeaderNow() {    if !w.Written() {        w.size = 0        w.writer.WriteHeader(w.status)    }}func (w *ResponseWriter) Write(data []byte) (n int, err error) {    w.WriteHeaderNow()    n, err = w.writer.Write(data)    w.size += n    return}func (w *ResponseWriter) Status() int {    return w.status}func (w *ResponseWriter) Size() int {    return w.size}func (w *ResponseWriter) Written() bool {    return w.size != noWritten}在回应中：func respondJSON(w *router.ResponseWriter, status int, payload interface{}) {    res, err := json.Marshal(payload)    if err != nil {        respondError(w, internalErrorStatus.number, internalErrorStatus.description)        return    }    go w.WriteHeader(status)    header := w.Writer().Header()    header.Add("Access-Control-Allow-Origin", "*")    header.Add("Content-Type", "application/json")    header.Add("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE")    header.Add("Access-Control-Allow-Headers", "*")    w.Write([]byte(res))}

0 0

随时随地看视频慕课网APP

相关分类

Go