golang 中允许使用 cors,代码如下
func register() *echo.echo {
e := echo.new()
e.get("/swagger/*", echoswagger.wraphandler) // swagger 등록
validator.registervalidator(e) // 유효성검사 등록
e.use(middleware.cors()) // cors 등록
......
package middleware
import (
"github.com/labstack/echo/v4"
"github.com/labstack/echo/v4/middleware"
)
func cors() echo.middlewarefunc {
return middleware.corswithconfig(middleware.corsconfig{
alloworigins: []string{"http://localhost:3000"},
allowmethods: []string{echo.get, echo.put, echo.post, echo.delete},
allowheaders: []string{echo.headerorigin, echo.headercontenttype, echo.headeraccept},
exposeheaders: []string{echo.headercontentlength},
})
}
但是,即使我在react项目中从(localhost:3000)发送请求,cors错误也不会停止。
func (serverInfo *ServerInfo) ServerStart() {
var databaseSet database.DatabaseInterface = &mysql.MysqlInfo{} // Database
databaseSet.InitDatabase() // 데이터베이스를 초기화합니다
hosts := map[string]*Host{} // Hosts
// API
hosts[fmt.Sprintf("%v.%v:%v", "api.v1", os.Getenv(envkey.SERVER_URL), os.Getenv(envkey.PORT))] = &Host{apiV1Route.Register()}
// Server
e := echo.New()
e.Use(middleware.Logger()) // 로거등록
e.Any("/*", func(c echo.Context) (err error) {
req := c.Request()
res := c.Response()
host := hosts[req.Host]
if host == nil {
err = echo.ErrNotFound
} else {
host.Echo.ServeHTTP(res, req)
}
return
})
// e.Logger.Fatal(e.StartTLS(fmt.Sprintf(":%v", os.Getenv(envkey.PORT)), "housewhale.com+3.pem", "housewhale.com+3-key.pem"))
e.Logger.Fatal(e.Start(fmt.Sprintf(":%v", os.Getenv(envkey.PORT))))
}
这个问题我已经困扰了好几天了,如何解决?我已经尝试了在手册或谷歌中找到的所有内容,但 cors 错误并没有消失。
正确答案
有一个错误,没有附加错误,我附加了如下错误,当时问题就解决了。
access to fetch at 'https://api.v1.localhsot:8081/auth/retoken' from origin 'http://localhost:3000' has been blocked by cors policy: response to preflight request doesn't pass access control check: no 'access-control-allow-origin' header is present on the requested resource. if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with cors disabled.
服务器端未正确允许cors,请配置服务器端以匹配请求
例如,如果客户端向标头发送授权数据,则服务器也允许在标头中进行授权。像这样设置必要的请求
package middleware
import (
"github.com/labstack/echo/v4"
"github.com/labstack/echo/v4/middleware"
)
func Cors() echo.MiddlewareFunc {
return middleware.CORSWithConfig(middleware.CORSConfig{
AllowOrigins: []string{"http://localhost:3000"},
AllowMethods: []string{echo.GET, echo.PUT, echo.POST, echo.DELETE},
AllowHeaders: []string{echo.HeaderOrigin, echo.HeaderContentType, echo.HeaderAccept, echo.HeaderAuthorization},
ExposeHeaders: []string{echo.HeaderContentLength, echo.HeaderSetCookie},
AllowCredentials: true, // Add this line to allow credentials
})
}